737 matches found

CNNVD
added 2024/04/30 12:0 a.m., 5 views

Adive Framework Cross-Site Scripting Vulnerability

Adive Framework is a PHP-based MySQL database management framework. A cross-site scripting (XSS) vulnerability exists in Adive Framework version 2.0.8. It stems from a failure to adequately encode user-controlled input and allows an attacker to...

CVSS 7.6, AI score 5.6, EPSS 0.00383
Exploits 0, References 2
CNVD
added 2024/04/18 12:0 a.m., 9 views

Oracle MySQL Denial of Service Vulnerability (CNVD-2024-20811)

Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker could exploit this vulnerability to cause MySQL Server to hang or crash frequently and repeatedly...

CVSS 4.9, AI score 5.9, EPSS 0.00962
Exploits 0, References 1
Redos
added 2024/04/11 12:0 a.m., 19 views

ROS-20240411-03

A vulnerability in the bsonutf8validate function of the MongoDB database management system is related to a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5, AI score 7.1, EPSS 0.01103
Exploits 0
Github Security Blog
added 2024/04/04 3:30 p.m., 58 views

pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVSS 9.8, AI score 9, EPSS 0.64846
Exploits 5, References 7, Affected Software 1
OSV
added 2024/04/04 3:30 p.m., 15 views

GHSA-27JX-FFW8-XRQV pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVSS 7.4, AI score 9, EPSS 0.64846
Exploits 5, References 7
CVE
added 2024/04/04 2:59 p.m., 173 views

CVE-2024-3116

CVE-2024-3116 affects pgAdmin

CVSS 9.8, AI score 9, EPSS 0.64846
Exploits 5, References 4, Affected Software 1
Vulnrichment
added 2024/04/04 2:59 p.m., 26 views

CVE-2024-3116 Remote Code Execution Vulnerability through the validate binary path API in pgAdmin 4

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVSS 7.4, AI score 9, EPSS 0.64846
Exploits 5, References 3
Cvelist
added 2024/04/04 2:59 p.m., 70 views

CVE-2024-3116 Remote Code Execution Vulnerability through the validate binary path API in pgAdmin 4

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the...

CVSS 7.4, AI score 8.1, EPSS 0.64846
Exploits 5, References 3
Redos
added 2024/04/04 12:0 a.m., 28 views

ROS-20240404-18

Vulnerability in the OpenVAS database management system's OpenVAS scanning and vulnerability management tool MariaDB is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation of the vulnerability could allow a remote attacker to cause a...

CVSS 7.5, AI score 6.8, EPSS 0.02021
Exploits 0
Redos
added 2024/04/02 12:0 a.m., 33 views

ROS-20240402-03

A vulnerability in the Redis database management system (DBMS) involves integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 8.1, AI score 7.6, EPSS 0.02582
Exploits 0
Redos
added 2024/03/29 12:0 a.m., 36 views

ROS-20240329-13

A vulnerability in the PostgreSQL database management system is related to the possibility of sending signals to superuser processes using the pgsignalbackend role. Exploitation of the vulnerability could allow a remote attacker to cause a denial o...

CVSS 8.8, AI score 9.1, EPSS 0.04322
Exploits 0
CNNVD
added 2024/03/27 12:0 a.m., 5 views

TeoSOFT Software TeoBASE SQL Injection Vulnerability

TeoSOFT Software TeoBASE is a database management software from TeoSOFT Software. TeoSOFT Software TeoBASE suffers from an SQL injection vulnerability that stems from susceptibility to SQL injection attacks...

CVSS 9.8, AI score 7.9, EPSS 0.0056
Exploits 0, References 2
OpenVAS
added 2024/03/25 12:0 a.m., 21 views

Fedora: Security Advisory (FEDORA-2024-ed884c3203)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10, AI score 9.8, EPSS 0.0481
Exploits 0, References 2
OSV
added 2024/03/20 12:0 a.m., 26 views

ALSA-2024:1435 Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE (CVE-2024-1597)...

CVSS 10, AI score 9.8, EPSS 0.0481
Exploits 0, References 4
RedHat Linux
added 2024/03/19 6:5 p.m., 31 views

Important: Red Hat Security Advisory: postgresql security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CVSS 8, AI score 7.3, EPSS 0.01465
Exploits 0, References 2
Rockylinux
added 2024/03/12 3:42 p.m., 30 views

postgresql:15 security update

An update is available for postgres-decoderbufs, postgresql, pgrepack, module.postgresql, module.postgres-decoderbufs, pgaudit, module.pgrepack, module.pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8, AI score 8.2, EPSS 0.01465
Exploits 0
Kitploit
added 2024/03/10 11:30 a.m., 24 views

Some-Tweak-To-Hide-Jwt-Payload-Values - A Handful Of Tweaks And Ideas To Safeguard The JWT Payload

some-tweak-to-hide-jwt-payload-values: a handful of tweaks and ideas to safeguard the JWT payload, making it futile to attempt decoding by constantly altering its value, ensuring the decoded output remains unintelligible while imposing minimal performance overhead. What is a JWT Token? A JSON Web...

AI score 7.7
Exploits 0, References 1
Positive Technologies
added 2024/03/08 12:0 a.m., 2 views

PT-2024-41482 · OOO 'Red Soft' · Red Database

A vulnerability in the main function of the guard.cpp module of the Red Database database management system is related to the handling of the parameters of the -t option. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service of the rdbguard utility...

CVSS 4.9, AI score 7.3
Exploits 0, References 2
OpenVAS
added 2024/03/08 12:0 a.m., 20 views

Fedora: Security Advisory for postgresql-jdbc (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 9.2, EPSS 0.02557
Exploits 3, References 2
OSV
added 2024/03/06 11:11 a.m., 19 views

BIT-TYPO3-2020-15099

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code (HMAC-SHA1) - either by using a different existing vulnerability or in case t...

CVSS 8.1, AI score 8.4, EPSS 0.01782
Exploits 1, References 2