An issue in the dc_elt_size component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

An issue in the qst_vec_set component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

An issue in the GDKanalytical_correlation component of MonetDB Server v11.47.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks.

An issue in the exp_atom component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

An issue in the HEAP_malloc component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

A remote code execution (RCE) vulnerability in Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 allows attackers to execute arbitrary code via a crafted request.

An issue in the qst_vec_get_int64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the attacker to execute malicious scripts or exfiltrate data.

An issue in the mat_join2 component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.