CVE-2021-24662

The Game Server Status WordPress plugin through 1.0 does not validate or escape the serverid parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page...

PostgreSQL 11.x < 11.13 / 12.x < 12.8 / 13.x < 13.4 Memory Disclosure

The version of PostgreSQL installed on the remote host is 11 prior to 11.13, 12 prior to 12.8, or 13 prior to 13.4. As such, it is potentially affected by a memory disclosure vulnerability: - A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any...

CVE-2020-16276

An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database...

Privilege Escalation

postgresql is vulnerable to privilege escalation. The vulnerability exists as it was discovered that a user could utilize the features of the PL/Perl and PL/Tcl languages to modify the behavior of a SECURITY DEFINER function created by a different user. If the PL/Perl or PL/Tcl language was used ...

Amazon Linux: Security Advisory (ALAS-2012-144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Buffer overflow

SAP Adaptive Server Enterprise ASE 15.7 before SP122 or SP63, 15.5 before ESD5.4, and 15.0.3 before ESD4.4 does not properly restrict access, which allows remote authenticated database users to 1 overwrite the master encryption key or 2 trigger a buffer overflow via a crafted RPC message to the...

Microsoft SQL Server sp_replwritetovarbin Memory Corruption

No description provided by source. $Id: ms09004spreplwritetovarbin.rb 11631 2011-01-24 19:37:58Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...

Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20121207)

A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 After installi...

Security feature bypass

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678...