201 matches found
PT-2023-16805 · Document Foundation +6 · Libreoffice +6
Name of the Vulnerable Software and Affected Versions: Libreoffice (affected versions not specified), hsqldb version 1.8.0. Description: A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file...
Huawei EulerOS: Security Advisory for hsqldb (EulerOS-SA-2023-2147)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP5 : hsqldb (EulerOS-SA-2023-2147)
According to the versions of the hsqldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote...
hsqldb: Untrusted input may lead to RCE attack
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...
CVE-2022-43773
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is installed with a sample HSQLDB data source configured with stored procedures enabled...
Code injection
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is installed with a sample HSQLDB data source configured with stored procedures enabled...
CVE-2022-43773
Hitachi Vantara Pentaho Business Analytics Server is affected by CVE-2022-43773 due to incorrect permission assignment for a critical resource when a sample HSQLDB data source with stored procedures is enabled. Affected versions include pre-9.4.0.1 and pre-9.3.0.2, as well as 8.3.x. The root caus...
CVE-2022-43773 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is installed with a sample HSQLDB data source configured with stored procedures enabled...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 (RHSA-2023:1514)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1514 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 (RHSA-2023:1513)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1513 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 (RHSA-2023:1512)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
hsqldb: Untrusted input may lead to RCE attack
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...
hsqldb: Untrusted input may lead to RCE attack
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...
SUSE CVE-2007-4575
HSQLDB before 1.8.0.9, as used in OpenOffice.org OOo 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."...
hsqldb security update
1:1.8.0.10-12.0.1 - Fix possible remote code execution vulnerability CVE-2022-41853 (Orabug: 34820687)...
Oracle Linux 6 : hsqldb (ELSA-2023-12103)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12103 advisory. - Fix possible remote code execution vulnerability CVE-2022-41853 (Orabug: 34820687) - Backport patch, addressing CVE-2007-4576 Tenable has extracted the precedin...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in HSQLDB
Summary: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of HSQLDB. Vulnerability Details: CVEID: CVE-2022-41853. DESCRIPTION: HSQLDB could allow a remote attacker to execute arbitrary code on the system, caused by improper validation of user-supplied input by...
Important: hsqldb
Issue Overview: Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code executio...
Amazon Linux AMI : hsqldb (ALAS-2023-1666)
The version of hsqldb installed on the remote host is prior to 1.8.1.3-1.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1666 advisory. Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be...