The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to cause a service failure.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a complete service outage using the Oracle Net protocol...

The vulnerability of the Oracle XML DB component of the Oracle Database Server database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the Oracle XML DB component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the Oracle Net protocol...

CVE-2022-31623

Disclaimer: This data contains information about vulnerable...

Missing permission checks in Jenkins Database Plugin

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. Database Plugin 1.7 requires Overall/Administer permission for the affected form...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete data through various network protocols...

CVE-2022-30335

Bonanza Wealth Management System BWM 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component...

Fedora: Security Advisory for mariadb (FEDORA-2022-03350936ee)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for mariadb (FEDORA-2022-5cfe372ab7)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Remote Code Execution

com.bstek.ureport:ureport2-console is vulnerable to remote code execution. A remote attacker is able to read sensitive user files and deserialize local gadgets by connecting the system to a malicious database server...

GHSA-W39X-CHVM-PJ3C Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

CVE-2022-25767

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

CVE-2022-25767 Remote Code Execution

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

CVE-2022-25767

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets...

ALSA-2022:1556 Moderate: mariadb:10.3 security and bug fix update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb 10.3.32, galera 25.3.34. BZ2050543 Security Fixes: mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-21...

Oracle Database Server (Apr 2022 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that is affect...

Oracle Database Server Input Validation Error Vulnerability (CNVD-2022-36952)

Oracle Database Server is a relational database management system from Oracle Corporation USA. The database management system provides data management, distributed processing, etc. An input validation error vulnerability exists in Oracle Database, which originates from an input validation error i...

Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-33783)

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and MySQL Connectors is one of the drivers for connecting to applications that use MySQL. Server product contains an input validation error...

Oracle Database Server Input Validation Error Vulnerability (CNVD-2022-36953)

Oracle Database Server is a relational database management system from Oracle Corporation. Oracle Database Server is vulnerable to an input validation error in the Java VM in Oracle Database Server. An authenticated remote attacker could exploit this vulnerability to manipulate data...

Security Bulletin: IBM Emptoris Supplier Lifecycle Management vulnerable to unspecified vulnerability due to Oracle Database Server (CVE-2021-35576)

Summary IBM Emptoris Supplier Lifecycle Management supports Oracle database server as an application backend database. Oracle database server is vulnerable to an unspecified vulnerability that has been addressed. Vulnerability Details CVEID: CVE-2021-35576 DESCRIPTION: An unspecified vulnerabilit...

Oracle MySQL Input Validation Error Vulnerability (CNVD-2022-31681)

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components.MySQL Connectors is one of the drivers for connecting applications that use MySQL. An input validation error vulnerability exists in Oracle MySQL's...