PT-2024-10213 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server version 11.5 Description: The issue is related to an information disclosure vulnerability. Sensitive information may be included in a log file under specific conditions,...

Job Recruitment 安全漏洞

Job Recruitment by code-projects is a job portal project developed using PHP, CSS, JavaScript, and MySQL technologies. A security vulnerability exists in Job Recruitment version 1.0, which originates from a SQL injection vulnerability in the email parameter of the /index.php page...

编号撤回

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. This CVE number has...

CVE-2024-30980

SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page...

IBM Db2 输入验证错误漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from an input validation error vulnerability that stems from susceptibility to denial of service attacks with...

IBM Db2 输入验证错误漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from an input validation error vulnerability that stems from the susceptibility to...

PT-2023-28668 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 affected versions not specified Description: A denial of service issue has been identified. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

PT-2023-7737 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server version 11.5 Description: The issue is related to insufficient input validation, which can be exploited by a remote attacker to cause a denial of service. Specifically, when a...

PT-2023-6371 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions prior to the fixed version Description: The issue is related to insufficient input validation, which can be exploited by a remote attacker to cause a denial of service...

IBM DB2 安全漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2 versions 10.5, 11.1, and 11.5, which can be...

SAP S/4HANA Authorization Issues Vulnerability (CNVD-2024-10202)

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. An authorization issue vulnerability exists in SAP S/4HANA version 106, which can be exploited by an attacker to cause an escalation of privileges, due to a vulnerability...

Engineers Online Portal SQL Injection Vulnerability

Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. Engineers Online Portal suffers from a SQL injection vulnerability that stems from manipulation of the username/password...

CVE-2023-36942

A cross-site scripting XSS vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field...

IBM DB2 安全漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2, which can be exploited by an attacker to caus...

CVE-2023-35930

SpiceDB's LookupResources may return partial results in v1.22.0, allowing some subjects to slip through or be incorrectly denied. The root cause is using LookupResources for negative authorization decisions. Upgrade to v1.22.2 to patch the issue, or avoid using LookupResources for negative decisi...

Schweitzer Engineering Laboratories RTAC Insecure Storage of Sensitive Information (CVE-2023-31150)

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. This plugin only...

CVE-2023-31150 Storing Passwords in a Recoverable Format

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...

CVE-2023-27555

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187...

IBM DB2 输入验证错误漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM DB2, which can be exploited by an attacker to caus...

CVE-2023-31043

EnterpriseDB EDB Postgres Advanced Server EPAS before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edbfilterlog.redactpasswordcommands. The fixed versions are 10.23.33, 11.18.29, 12.13.17,...