139 matches found
IBM Big SQL 缓冲区错误漏洞
IBM Big SQL is an enterprise-class, ANSI-compliant, hybrid SQL -on-Hadoop engine from IBM USA that provides massively parallel processing MPP and advanced data querying. A buffer error vulnerability exists in IBM Big SQL that allows an authenticated user with appropriate privileges to obtain...
IBM Cloud Pak for Data 安全漏洞
IBM Big SQL is an enterprise-class, ANSI-compliant hybrid SQL-on-Hadoop engine from IBM that provides massively parallel processing MPP and advanced data querying.IBM Big SQL contains a security vulnerability that could be exploited to allow an authenticated user with appropriate privileges to...
Security Bulletin: Data masking rules are not enforced when CREATE TABLE AS SELECT statement is executed in IBM Big SQL
Summary A software defect in IBM Big SQL prevents data masking rules to be enforced when a user executes CREATE TABLE AS SELECT … WITH DATA statement. The newly created table contains unmasked data. Vulnerability Details CVEID:CVE-2022-22353 DESCRIPTION: IBM Big SQL could allow an authenticated...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Program Management (CVE-2021-35557)
Summary IBM Emptoris Program Management supports Oracle database server as a backend database. The remediated version of Oracle database server has been certified by IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-35557 DESCRIPTION: An unspecified vulnerability in Oracle...
H2 Database Console Remote Code Execution
Document Title =============== Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. Product Description =============== The H2 Console Application The Console lets you access a SQL database using a browser interface. Homepage: http://www.h2database.com/html/quickstart.html Affecte...
CVE-2021-35558
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...
CVE-2021-35557
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...
Design/Logic Flaw
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...
CVE-2021-35557
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...
CVE-2021-2330
Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this...
CVE-2021-2330
Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this...
CVE-2021-2330
Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this...
OPENSUSE-SU-2021:1058-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization bsc1173641 - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated...
Hasura GraphQL 1.3.3 Denial Of Service
Exploit Title: Hasura GraphQL 1.3.3 - Denial of Service Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Author: Dolev Farhi Date: 4/19/2021 Tested on: Ubuntu import sys import requests import threading HASURASCHEME = 'http' HASURAHOST = '192.168.1.1...
CVE-2020-14741
Vulnerability in the Database Filesystem component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Resource, Create Table, Create View, Create Procedure, Dbfsrole privilege...
Denial Of Service (DoS)
sqlite is vulnerable to denial of service DoS. The vulnerability exists in SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...
Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19925, CVE-2019-19645, CVE-2019-19924, CVE-2019-19923, CVE-2019-19880, CVE-2019-19646, CVE-2019-19926)
Summary SQLite is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2019-19925 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of a NULL pathname in the zipfileUpdate function in ext/misc/zipfile.c. By sending a specially-crafted request, a...
Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2018-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2020-1534 · Oracle · Oracle Database Server +1
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 12.1.0.2, 12.2.0.1, 18c, and 19c Description: The issue is related to a vulnerability in the Core RDBMS component of Oracle Database Server, allowing a high-privileged attacker with Create Index and Create Tabl...
PT-2020-1538 · Oracle · Oracle Database Server +1
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 12.1.0.2, 12.2.0.1, 18c, and 19c Description: The issue is related to a vulnerability in the Core RDBMS component of Oracle Database Server, allowing a high-privileged attacker with Create Materialized View and...