ALSA-2023:2378 Moderate: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...
IBM DB2 Denial of Service Vulnerability (CNVD-2023-64881)
IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2, which can be exploited by an attacker to caus...
PT-2023-6697 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) versions 10.5, 11.1, and 11.5. Description: The issue is related to insufficient access control in the database management system, which may allow a remote attacker to execute...
Moderate: Red Hat Security Advisory: postgresql security update
An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
The vulnerability of the IBM DB2 database management system for Windows operating systems lies in the ability to disclose information through registration files, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the IBM DB2 database management system for Windows operating systems is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
ALSA-2023:1576 Moderate: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Extension scripts replace objects not belonging to the extension (CVE-2022-2625). postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862). For more...
Moderate: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Extension scripts replace objects not belonging to the extension (CVE-2022-2625). postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862). For more...
[SECURITY] Fedora 37 Update: phpMyAdmin-5.2.1-1.fc37
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and i...
SUSE CVE-2012-5612
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain...
SUSE CVE-2014-4245
Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors...
DM7 has a binary vulnerability
DM7 is a database management system from Damon Corporation. DM7 has a binary vulnerability that can be exploited by attackers to execute arbitrary commands...
PT-2023-1454 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server (affected versions not specified). Description: The issue is related to insufficient input validation in the database management system, which can be exploited to execute arbitrary code. This allows an attacker to potentiall...
CVE-2022-43761
CVE-2022-43761 affects B&R APROL: missing authentication when creating/managing the APROL database prior to R 4.2-07 allows reading and modifying the system configuration. Impact: potential unauthorized access to configuration data; CVSS indicates HIGH/CRITICAL depending on vector. Remediation: u...
phpMyAdmin SQL Injection Vulnerability (CNVD-2023-09611)
phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin, which stems...
B&R Industrial Automation APROL Access Control Error Vulnerability
B&R Industrial Automation APROL is a production process management system from B&R Industrial Automation, Austria. A security vulnerability exists in the B&R Industrial Automation APROL database prior to version R 4.2-07, which stems from a lack of authentication when creating and managing...
sqldump SQL Injection Vulnerability
sqldump is a Gopher Gala open source widget for database management. A SQL injection vulnerability exists in sqldump; the vulnerability stems from unknown code effects, and the operation leads to SQL injection...
Command Execution Vulnerability in Damon Database Management System (DM8) Kirin Version
Wuhan Damon Database Co., Ltd. is a database product development service provider. A command execution vulnerability exists in Damon Database Management System DM8 Kirin Edition, which can be exploited by attackers to execute arbitrary commands...
Command Execution Vulnerability in Damon Database Management System (DM7) Kirin Edition
Wuhan Damon Database Co., Ltd. is a database product development service provider. A command execution vulnerability exists in Damon Database Management System DM7 Kirin Edition, which can be exploited by attackers to execute arbitrary commands...
Moderate: postgresql:10 security update
PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: Extension scripts replace objects not belonging to the extension (CVE-2022-2625). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...
Wuhan Damon Database Co., Ltd. Damon database management system has a logic flaw vulnerability
Damon database management system is a high-performance database management system with completely independent intellectual property rights launched by Damon, referred to as DM. Wuhan Damon Database Co. Damon Database Management System suffers from a logic flaw vulnerability that can be exploited ...