An issue in the sqlg_parallel_ts_seq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.

An issue in the trimchars component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

A stored cross-site scripting (XSS) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.

An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

An issue in the atom_get_int component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

An issue in the sql_tree_hash_1 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField.

An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code via uploading a crafted file.

An issue in the qi_inst_state_free component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.