737 matches found
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to insufficient input data validation, allows a perpetrator to cause service failures.
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
CVE-2023-29245 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
Fujitsu Arconte Áurea SQL Injection Vulnerability
Fujitsu Arconte Áurea is a view recording system from Fujitsu Japan. A security vulnerability exists in Fujitsu Arconte Áurea versions prior to 1.5.0.0. An attacker could exploit the vulnerability to read sensitive data from the database, modify data (insert/update/delete), perform database...
ROS-20230825-04
The vulnerability of the Redis database management system (DBMS) is related to a buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
Nozomi Networks Guardian/CMC SQL Injection Vulnerability
Nozomi Networks Guardian/CMC is a centralized management console from Nozomi Networks, Inc. in the United States. Nozomi Networks Guardian/CMC suffers from a SQL injection vulnerability that stems from incorrect input validation in the alertscount component, which allows an authenticated attacker...
Moderate: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: schema_element defeats protective search_path changes (CVE-2023-2454); postgresql: row security policies disregard user ID changes after inlining. (CVE-2023-2455); postgresql: Client memory disclosure...
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to insufficient validation of input data, allows a perpetrator to trigger service failures.
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted reques...
Moderate: Red Hat Security Advisory: postgresql:15 security update
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
IBM DB2 Buffer Error Vulnerability
IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. IBM DB2 suffers from a buffer overflow vulnerability that stems from the presence of incorrect...
Moderate: Red Hat Security Advisory: postgresql security update
An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
ALSA-2023:3714 Moderate: postgresql security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: schema_element defeats protective search_path changes (CVE-2023-2454); postgresql: row security policies disregard user ID changes after inlining. (CVE-2023-2455) For more details about the security...
Siemens SIMATIC STEP 7 V5 Remote Code Execution Vulnerability
SIMATIC PCS 7 is a centralized control system DCS that integrates components such as SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7, etc. SIMATIC S7-PM is an option package for SIMATIC STEP 7 V5.7, which offers the project range with the possibility of assigning message...
CVE-2023-25910
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low...
Code injection
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database...
CVE-2023-25910
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low...
CVE-2023-25910
CVE-2023-25910 describes a remote code execution vulnerability in Siemens SIMATIC STEP 7 V5, SIMATIC PCS 7, and S7-PM products that contain an embedded database management system. The root cause is improper generation/control of code within the database functions, allowing remote unauthenticated ...
PT-2023-3371 · Siemens · Simatic Pcs 7 +2
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP2 UC04; SIMATIC S7-PM versions prior to V5.7 SP1 HF1; SIMATIC S7-PM versions prior to V5.7 SP2 HF1; SIMATIC STEP 7 V5 versions prior to V5.7. Description: A vulnerability has been identified in the affected...
SQLite Code Injection Vulnerability
SQLite is a lightweight, ACID-compliant relational database management system. A code injection vulnerability exists in SQLite JDBC that stems from a remote code execution vulnerability. No detailed vulnerability details are provided at this time...
Vulnerability of the MySQL Server component: The MySQL Server database management system’s DDL functions allow attackers to cause service failures or gain access to modify, add, or delete data.
Vulnerability of the MySQL Server component: The DDL system for database management of MySQL Server is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain access to modify, add, or delete data...