CWE-89
High likelihood
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,654 vulnerabilities with CWE-89
CVE-2024-57660
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via sqlo_expand_jts SQL Statement Handling
CVSS 7.5
CVE-2024-57658
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57657
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via sqlg_vec_upd SQL Statement
CVSS 7.5
CVE-2024-57656
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57653
HIGH
Virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements in qst_vec_set_copy
CVSS 7.5
CVE-2024-57652
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57651
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via jp_add SQL Statement Handling
CVSS 7.5
CVE-2024-57650
HIGH
Virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements in qi_inst_state_free
CVSS 7.5
CVE-2024-57649
HIGH
Virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements in qst_vec_set
CVSS 7.5
CVE-2024-57648
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57647
HIGH
Virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements in row_insert_cast
CVSS 7.5
CVE-2024-57646
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57645
HIGH
openlink virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57644
HIGH
openlink virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57643
HIGH
Virtuoso 7.2.11 - Denial of Service via Crafted SQL Statements in box_deserialize_string
CVSS 7.5
CVE-2024-57642
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57641
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57640
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via dc_add_int SQL Statement Handling
CVSS 7.5
CVE-2024-57639
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via dc_elt_size SQL Injection
CVSS 7.5
CVE-2024-57638
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57637
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57636
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2024-57635
HIGH
openlink virtuoso-opensource 7.2.11 - Denial of Service via chash_array SQL Statement Handling
CVSS 7.5
CVE-2024-57634
HIGH
MonetDB Server 11.49.1 - Denial of Service via Crafted SQL Statements in exp_copy Component
CVSS 7.5
CVE-2024-57633
HIGH
MonetDB Server 11.49.1 - Denial of Service via Crafted SQL Statements
CVSS 7.5
Details
Vulnerabilities: 19,654
Exploit Likelihood: High