Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-26794

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-21 Feb, 2025 | 00:00
Updated At-22 Feb, 2025 | 00:09
Rejected At-
Credits

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:21 Feb, 2025 | 00:00
Updated At:22 Feb, 2025 | 00:09
Rejected At:
▼CVE Numbering Authority (CNA)

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.

Affected Products
Vendor
EximExim
Product
Exim
Default Status
unaffected
Versions
Affected
  • From 4.98 before 4.98.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-89CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Type: CWE
CWE ID: CWE-89
Description: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exim.org
N/A
https://github.com/Exim/exim/wiki/EximSecurity
N/A
https://www.exim.org/static/doc/security/CVE-2025-26794.txt
N/A
https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305
N/A
https://bugzilla.suse.com/show_bug.cgi?id=1237424
N/A
https://github.com/NixOS/nixpkgs/pull/383926
N/A
https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d
N/A
Hyperlink: https://exim.org
Resource: N/A
Hyperlink: https://github.com/Exim/exim/wiki/EximSecurity
Resource: N/A
Hyperlink: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
Resource: N/A
Hyperlink: https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305
Resource: N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1237424
Resource: N/A
Hyperlink: https://github.com/NixOS/nixpkgs/pull/383926
Resource: N/A
Hyperlink: https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2025/02/19/1
N/A
http://www.openwall.com/lists/oss-security/2025/02/21/4
N/A
http://www.openwall.com/lists/oss-security/2025/02/21/5
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/19/1
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/21/4
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/21/5
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:21 Feb, 2025 | 13:15
Updated At:22 Feb, 2025 | 01:15

Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-89Secondarycve@mitre.org
CWE ID: CWE-89
Type: Secondary
Source: cve@mitre.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.suse.com/show_bug.cgi?id=1237424cve@mitre.org
N/A
https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305cve@mitre.org
N/A
https://exim.orgcve@mitre.org
N/A
https://github.com/Exim/exim/wiki/EximSecuritycve@mitre.org
N/A
https://github.com/NixOS/nixpkgs/pull/383926cve@mitre.org
N/A
https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82dcve@mitre.org
N/A
https://www.exim.org/static/doc/security/CVE-2025-26794.txtcve@mitre.org
N/A
http://www.openwall.com/lists/oss-security/2025/02/19/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2025/02/21/4af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2025/02/21/5af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1237424
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exim.org
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/Exim/exim/wiki/EximSecurity
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/NixOS/nixpkgs/pull/383926
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/19/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/21/4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/02/21/5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

75Records found
CVE-2024-57632
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the is_column_unique component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57634
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the exp_copy component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the itc_sample_row_check component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57617
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the dameraulevenshtein component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57635
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the chash_array component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57619
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the atom_get_int component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57616
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.23%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the vscanf component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57629
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the tail_type component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57626
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the mat_join2 component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57637
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the dfe_unit_gb_dependant component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57633
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.62%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the exps_bind_column component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57622
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the exp_bin component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57643
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the box_deserialize_string component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57628
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the exp_values_set_supertype component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57625
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the merge_table_prune_and_unionize component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57621
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the GDKanalytical_correlation component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57638
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the dfe_body_copy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57627
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the gc_col component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57657
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the sqlg_vec_upd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57658
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the sql_tree_hash_1 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57615
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.23%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the BATcalcbetween_intern component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57648
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the itc_set_param_row component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57620
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.50%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-10 Apr, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the trimchars component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-monetdbn/a
Product-monetdbn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-57652
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.04% / 76.55%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 00:00
Updated-17 Apr, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the numeric_to_dv component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Action-Not Available
Vendor-openlinkswn/a
Product-virtuoson/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-34968
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.68%
||
7 Day CHG~0.00%
Published-03 Aug, 2022 | 01:49
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.

Action-Not Available
Vendor-perconan/a
Product-percona_servern/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found