Lucene search
K

73 matches found

Check Point Advisories
Check Point Advisories
added 2019/11/25 12:0 a.m.17 views

OPF OpenProject Activities API SQL Injection (CVE-2019-11600)

A SQL injection vulnerability has been reported in OpenProject. This vulnerability can be exploited by sending crafted HTTP requests to a vulnerable application. Successful exploitation could lead to arbitrary SQL statement execution in the security context of database service...

6.8CVSS1.8AI score0.79956EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2019/02/20 12:0 a.m.30 views

Zoho ManageEngine OpManager SQL Injection (CVE-2018-17823; CVE-2018-17283)

An SQL injection vulnerability exists in ManageEngine. This vulnerability is due to insufficient validation of the name parameter when processing requests sent. Successful exploitation could lead to arbitrary SQL code execution in the security context of database service...

5CVSS3.5AI score0.66347EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2019/02/14 12:0 a.m.3 views

Zoho ManageEngine OpManager SQL Injection (CVE-2018-9088)

An SQL injection vulnerability exists in ManageEngine. This vulnerability is due to insufficient validation of the parameter in Java class. Successful exploitation could lead to arbitrary code execution in the security context of database service...

3.8AI score
Exploits0
CNVD
CNVD
added 2018/11/28 12:0 a.m.2 views

Arbitrary File Read Vulnerability in AWS RDS Service

Amazon RDS Service is an RDS service from Amazon that enables you to easily set up, operate, and scale relational databases in the cloud. An arbitrary file read vulnerability exists in AWS RDS Service, which can be exploited by an attacker to read arbitrary files...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/11/28 12:0 a.m.4 views

Arbitrary File Read Vulnerability in NetEase Cloud RDS Service

NetEase Cloud RDS is a stable, reliable and elastic scalable online relational database service. An arbitrary file read vulnerability exists in the NetEase Cloud RDS service, which can be exploited by an attacker to read arbitrary files...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/05/23 12:0 a.m.494 views

Oracle TNS Listener VSNNUM Version Remote Information Disclosure

It was possible to extract the version number of the remote Oracle TNS Transparent Network Substrate listener remotely by sending an unauthenticated request to the TNS listener service operating on this port. This information could aid an attacker. Note that the version of the TNS listener does n...

5.5AI score
Exploits0
OpenVAS
OpenVAS
added 2018/04/30 12:0 a.m.71 views

Microsoft Windows 10: Enable computer and user accounts to be trusted for delegation

This policy setting determines which users can set the Trusted for Delegation setting on a user or computer object. Security account delegation provides the ability to connect to multiple servers, and each server change retains the authentication credentials of the original client. Delegation of...

Exploits0
Imperva Blog
Imperva Blog
added 2018/02/23 4:45 p.m.89 views

NEW: Vulnerability and Assessment Scanning for Your AWS Cloud Databases

Scuba is a free and easy-to-use tool that uncovers hidden security risks. Scuba is frequently updated with content from Imperva’s Defense Center researchers. With Scuba you can: Scan enterprise databases for vulnerabilities and misconfigurations Identify risks to your databases Get recommendation...

6.3AI score
Exploits0
OpenVAS
OpenVAS
added 2017/04/12 12:0 a.m.27 views

SolarWinds Log and Event Manager < 6.3.1 Hotfix 4 Multiple Vulnerabilities

SolarWinds Log and Event Manager LEM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS7.6AI score0.1273EPSS
Exploits2References1
myhack58
myhack58
added 2013/09/16 12:0 a.m.29 views

Completely remove WSUS 3.0 approach-vulnerability warning-the black bar safety net

Upgrade the domain controller or demote a domain controller, wsus services usually fail, only by hand to completely remove wsus3. 0 and then re-install, the following is the result of several attempts later summed up the detailed operation of the steps of: 1, the...

1.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/01/07 12:0 a.m.263 views

MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass

A bug in the version of MySQL running on the remote host allows a remote attacker to bypass the password authentication mechanism using a specially crafted packet with a zero-length scramble buff string. An attacker with knowledge of an existing account defined to the affected service can leverag...

10CVSS5.6AI score0.69647EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/09/08 12:0 a.m.63 views

Firebird Default Credentials (Firebird Protocol)

It is possible to connect to the remote database service using default credentials. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

7.1AI score
Exploits0References1
NVD
NVD
added 2009/12/18 7:30 p.m.14 views

CVE-2007-2281

Integer overflow in the ncp32.NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter...

10CVSS7.5AI score0.08823EPSS
Exploits1References5
Check Point Advisories
Check Point Advisories
added 2009/10/29 12:0 a.m.31 views

SAP MaxDB Remote Arbitrary Commands Execution (CVE-2008-0244)

SAP MaxDB is an open source relational database management system RDBMS developed and supported by SAP AG. MaxDB is targeted for large SAP environments such as mySAP Business Suite and other applications that require enterprise level database functionality. MaxDB is available for the most promine...

10CVSS7.5AI score0.80311EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2009/02/03 12:0 a.m.37 views

Database settings

This plugin just sets global variables SID, SERVICENAME, etc., and does not perform any security checks. TRUSTED...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/11/12 12:0 a.m.18 views

Yosemite Backup Service Driver Detection

The remote host is running Yosemite Backup, a commercial backup solution for Windows, Linux, and Novell NetWare and targetting small-to-medium sized businesses. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid34756...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2008/07/25 12:0 a.m.22 views

Openlink Virtuoso Server Detection

Openlink Virtuoso Server, a hybrid database server available as a commercial as well as an open source product is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid33588; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate...

5.5AI score
Exploits0References2
NVD
NVD
added 2008/04/22 4:41 a.m.13 views

CVE-2008-1910

Stack-based buffer overflow in the database service ibserver.exe in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244...

10CVSS7.8AI score0.07291EPSS
Exploits4References5
Cvelist
Cvelist
added 2008/04/21 11:0 p.m.24 views

CVE-2008-1910

Stack-based buffer overflow in the database service ibserver.exe in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244...

7.7AI score0.07291EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2008/04/01 12:0 a.m.50 views

SQL Anywhere Broadcast Repeater Detection

The remote service is a SQL Anywhere Broadcast Repeater, which allows SQL Anywhere clients to find SQL Anywhere database servers running on other subnets and through firewalls. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31717; scriptversion"1.8";...

5.8AI score
Exploits0References1
Rows per page
Query Builder