Security Vulnerabilities
A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an authenticated attacker to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary SQL database commands.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-08
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-08
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-08
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-08-08
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-08-08
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This issue affects Apache Seata (incubating): 2.4.0.
Users are recommended to upgrade to version 2.5.0, which fixes the issue.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-08
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-07
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-07
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-07
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-07
Page 1