Lucene search
K

216 matches found

CNNVD
CNNVD
added 2022/05/09 12:0 a.m.10 views

Magnitude Simba Amazon Redshift ODBC Driver 参数注入漏洞

Magnitude Simba Amazon Redshift ODBC Driver is an ODBC driver from Magnitude, Inc. It supports business intelligence BI, analytics, and reporting on data stored in the Amazon Redshift Data Warehouse. The Magnitude Simba Amazon Redshift ODBC Driver is vulnerable to a parameter injection...

7.8CVSS7.8AI score0.03686EPSS
Exploits0References5
OSV
OSV
added 2022/04/19 9:15 p.m.6 views

CVE-2022-21411

Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

5.4CVSS6.7AI score0.00548EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.3 views

Oracle Database Server 输入验证错误漏洞

Oracle Database Server is a relational database management system from Oracle Corporation. Java VM is one of the Java Virtual Machine components.An input validation error vulnerability exists in the RDBMS Gateway/Generic ODBC connection component of Oracle Database Server, which originates from...

5.5CVSS8AI score0.00548EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.5 views

The vulnerability of the VMware Workspace ONE Access application management platform, the VMware vRealize Automation virtual infrastructure management tool, the VMware Identity Manager (vIDM) administration consoles, the VMware Cloud Foundation virtualization platform, and the vRealize Suite Lifecycle Manager software for application lifecycle management, is related to deficiencies in the deserialization mechanism, allowing an attacker to execute arbitrary code.

The vulnerabilities of the VMware Workspace ONE Access application management platform, the VMware vRealize Automation virtual infrastructure management tool, the VMware Identity Manager vIDM administration consoles, the VMware Cloud Foundation virtualization platform, and the vRealize Suite...

9.1CVSS8AI score0.02952EPSS
Exploits5References5Affected Software3
CNNVD
CNNVD
added 2022/04/06 12:0 a.m.4 views

多款 VMware 产品跨站请求伪造漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

4.3CVSS6.9AI score0.00497EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/06 12:0 a.m.5 views

多款 VMware 产品代码问题漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

7.2CVSS8.2AI score0.02952EPSS
Exploits5References3
CNNVD
CNNVD
added 2022/03/15 12:0 a.m.3 views

Jenkins dbCharts 插件安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins dbCharts Plugin is vulnerable to an information disclosure...

6.5CVSS5.7AI score0.00887EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/01/10 12:0 a.m.5 views

The vulnerability of the Java-programming logging library Apache Log4j2 lies in the lack of additional JNDI control elements, allowing attackers to execute arbitrary code.

The vulnerability of the Apache Log4j2 Java-programming logging library is related to the absence of additional JNDI control elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using JDBC Appender...

7.1CVSS7.9AI score0.97906EPSS
Exploits9References11Affected Software11
Cvelist
Cvelist
added 2021/07/20 7:29 p.m.28 views

CVE-2020-23284

Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application...

7.3AI score0.01003EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/21 12:0 a.m.5 views

The vulnerability of the SQLDriverConnect function in the ODBC library for UNIX UnixODBC, related to an exception that triggers outside the allowed data buffer limits, allows a malicious actor to cause a service failure.

The vulnerability of the SQLDriverConnect function in the ODBC library for UNIX systems is related to a buffer overflow caused by a long string in the DRIVER option. Exploiting this vulnerability can allow an attacker to cause a service failure...

3.8CVSS5.8AI score0.0051EPSS
Exploits0References4Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.71 views

EulerOS 2.0 SP5 : mysql-connector-java (EulerOS-SA-2021-1215)

According to the version of the mysql-connector-java package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the...

8.5CVSS7.2AI score0.02877EPSS
Exploits0References2
Fedora
Fedora
added 2020/09/25 5:6 p.m.42 views

[SECURITY] Fedora 33 Update: mysql-connector-java-8.0.21-1.fc33

MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...

5.1CVSS1.3AI score0.032EPSS
Exploits0
NVD
NVD
added 2020/06/01 5:15 p.m.18 views

CVE-2014-9702

system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information username and password via any request, such as a password reset request...

7.5CVSS7.5AI score0.01347EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/06/01 4:56 p.m.22 views

CVE-2014-9702

system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information username and password via any request, such as a password reset request...

7.5AI score0.01347EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2020/04/20 7:43 a.m.35 views

Description of Office Access Runtime and Data Connectivity Components 2007 SP3

Describes the improvements that Office Access Runtime and Data Connectivity Components 2007 SP3 provides and the issues that it fixes.IntroductionMicrosoft Office Access Runtime and Data Connectivity Components 2007 Service Pack 3 SP3 provides the latest updates to Microsoft Office Access 2007...

0.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.6 views

The vulnerability of the Database Gateway for ODBC component in the Oracle Database Server database management system allows a hacker to gain access to modify, add, or delete data, or to cause partial service interruption.

The vulnerability of the Oracle Database Server ODBC driver’s database server lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or cause a partial service failure using the OracleNet network protocol...

4.9CVSS6.1AI score0.0077EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.8 views

The vulnerability of the Database Gateway for ODBC component in the Oracle Database Server database management system allows a hacker to cause a service failure.

The vulnerability of the Oracle Database Server ODBC driver database server’s firewall is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the OracleNet network protocol...

5.9CVSS6.5AI score0.01466EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.6 views

The vulnerability of the Database Gateway for ODBC component of the Oracle Database Server allows a hacker to gain full control over the application.

The vulnerability of the Oracle Database Server ODBC driver’s database server lies in its lack of access control mechanisms. Exploiting this vulnerability allows an attacker to gain full control over the application through the OracleNet network protocol...

6CVSS6.1AI score0.00792EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/01/15 5:15 p.m.3 views

CVE-2020-2517

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Procedure, Create Database Link privilege with...

3.3CVSS6.3AI score0.0077EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/08/16 12:0 a.m.10 views

Fedora Update for mariadb-connector-odbc FEDORA-2019-60befaed69

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder