codeigniter -- mysql database driver vulnerability

The CodeIgniter changelog reports: Security: Removed a fallback to mysqlescapestring in the mysql database driver escapestr method when there's no active database connection...

DEBIAN-CVE-2014-5251

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

DEBIAN-CVE-2012-2658

Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service crash via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has...

perl-DBD-Pg: Format string flaws by turning db notices into Perl warnings and by preparing DBD statement

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg aka DBD-Pg or libdbd-pg-perl module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service process crash via format string specifiers in 1 a crafted database warning to the pgwarn function or 2 a...

CVE-2010-1865

Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...

Sql injection

Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...

CVE-2010-1865

Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...

perl-DBD-Pg: pg_getline buffer overflow

Heap-based buffer overflow in the DBD::Pg aka DBD-Pg or libdbd-pg-perl module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pggetline functions to read database rows...

perl-DBD-Pg: pg_getline buffer overflow

Heap-based buffer overflow in the DBD::Pg aka DBD-Pg or libdbd-pg-perl module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pggetline functions to read database rows...

perl-DBD-Pg: dequote_bytea memory leak

Memory leak in the dequotebytea function in quote.c in the DBD::Pg aka DBD-Pg or libdbd-pg-perl module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service memory consumption by fetching data with BYTEA columns...

CVE-2002-0586

Format string vulnerability in NsPdLog function for the external database driver proxy daemon library libnspd.a of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters...

[CERT-intexxia] AOLServer DB Proxy Daemon Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 30 01 2002 ID 1052-300102 TITLE : AOLServer DB Proxy Daemon Format String Vulnerability CREDITS : Guillaume Pelat found this vulnerability / INTEXXIA SYSTEM AFFECTED =============== AOLServer 3.4.2 AOLServer 3.4.1 AOLServer...

New Roxen Webserver Library Issues

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! A NEW BUFFER OVERFLOW IN LIBRARY FROM ROXEN! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...