RLSA-2024:6000 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
Important: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
ALSA-2024:6001 Important: postgresql:15 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348); postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks (CVE-2024-4317). For more detail...
pgAdmin 8.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pgAdmin Binary Path API RCE', 'Description' = %q pgAdmin MSFLICENSE, 'Author' = 'M.Selim Karahan', metasploit module 'Mustafa Mutlu', lab prep. a...
ROS-20240826-04
A vulnerability exists in the Apache Derby database management system due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the database.
CVE-2024-7458
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...
CVE-2024-7458
CVE-2024-7458 affects elunez eladmin up to version 2.7. The vulnerability arises from path traversal via the file argument in the endpoints /api/deploy/upload and /api/database/upload within Database Management/Deployment Management. This can lead to accessing files outside the intended directory...
CVE-2024-7458 elunez eladmin Database Management/Deployment Management upload path traversal
A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...
Odoo Unprotected Database Manager
Odoo is a popular open-source ERP and CRM platform. Odoo includes a database manager that helps administrators perform management operations on their Odoo databases through a web interface. If no master password is set, this web interface allows any unauthenticated and remote attacker to...
The vulnerability of the database management module of the Apache Linkis connectivity, management, and orchestration application allows a hacker to disclose protected information.
The vulnerability of the database management module of the Apache Linkis connectivity, management, and orchestration software relates to the use of files and directories accessible from external parties. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...
How to Remove a XenServer Slave when it No Longer Exists in the Pool
XenCenter shows the red icon of a XenServer Slave that no longer exists in the pool. You want to remove that XenServer Slave, but you receive the following error message when you issue the xe host-forget command for that Slave from the XenServer Master: "This host cannot be forgotten because there...
Advisory ROSA-SA-2024-2449
Software: postgresql 12.1 OS: ROSA Virtualization 2.1 packageevrstring: postgresql-12.1 CVE-ID: CVE-2020-1720 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability has been discovered in PostgreSQL "ALTER ... DEPENDS ON EXTENSION" where subcommands did not perform authorization checks. An...
PT-2024-41470 · OOO 'Red Soft' · Red Database
A vulnerability in the CCH flush function of the cch.cpp module of the "Red Database" database management system is related to incorrect allocation of free RAM for the database cache (configuration parameter DefaultDbCachePages). Exploitation of the vulnerability may allow an attacker acting remotely,...
The vulnerability of IBM DB2 database management systems and IBM DB2 Connect Servers lies in resource management errors, which allow attackers to cause service failures.
The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect Server, is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through specially crafted queries...
IBM Db2 User Enumeration Vulnerability
IBM Db2 is a relational database management system from International Business Machines (IBM). The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A user enumeration vulnerability exists in IBM Db2 for i versions 7.2, 7.3, 7.4, and 7.5, which stems...
User Registration And Management System 3.2 SQL Injection
.:. Exploit Title User Registration & Management System - SQLi .:. Google Dorks .:. inurl:loginsystem/index.php .:. Date: June 18, 2024 .:. Exploit Author: bRpsd .:. Contact: cyatlive.no .:. Vendor - https://phpgurukul.com/ .:...
Binary Vulnerability in DM8 at Wuhan Damon Database Co.
DM8 is a high-performance database management system with completely independent intellectual property rights launched by Damon. A binary vulnerability exists in DM8 of Wuhan Damon Database Co., Ltd. that can be exploited by attackers to cause a denial-of-service attack...
Vulnerability of the Server component: The Data Dictionary of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Server component: The Data Dictionary component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
postgresql security update
An update is available for postgresql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. PostgreSQL is an advanced object-relational database management system DBM...