CVE Tools

archerydms

Enterprise Softwareoss-project

14

Cumulative CVEs

2

Monthly snapshots

#77

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting archerydms.

CVE-2023-48053Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications.7.5Nov 16, 2023
CVE-2023-30605Multiple SQL injections in sql/instance.py param_edit method in Archery - GHSL-2022-1046.5Apr 18, 2023
CVE-2023-30558Multiple SQL injections in sql/data_dictionary.py table_list method in Archery - GHSL-2022-1056.5Apr 18, 2023
CVE-2023-30557SQL injection in data_dictionary.py table_info method in Archery - GHSL-2022-1066.5Apr 18, 2023
CVE-2023-30556SQL injection in sql_optimize.py optimize_sqltuningadvisor method in Archery - GHSL-2022-1076.5Apr 18, 2023
CVE-2023-30555SQL injection in sql_optimize.py explain method in Archery - GHSL-2022-1086.5Apr 18, 2023
CVE-2023-30554SQL injection in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-1036.5Apr 18, 2023
CVE-2023-30553Multiple SQL injections in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-1026.5Apr 18, 2023
CVE-2023-30552SQL injection in sql/instance.py endpoint in Archery - GHSL-2022-1016.5Apr 18, 2023
CVE-2022-38542Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface. The project has released an update, please upgrade to v1....9.8Sep 13, 2022
CVE-2022-38539Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.9.8Sep 13, 2022
CVE-2022-38541Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.9.8Sep 13, 2022
CVE-2022-38540Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface.9.8Sep 13, 2022
CVE-2022-38538Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.9.8Sep 13, 2022
CVE-2022-38537Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.9.8Sep 13, 2022