
201 matches found

Positive Technologies
added 2023/06/19 12:0 a.m. · 4 views

PT-2023-16805 · Document Foundation +6 · Libreoffice +6

Name of the Vulnerable Software and Affected Versions: Libreoffice affected versions not specified; hsqldb version 1.8.0. Description: A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file...

CVSS 8.8 · AI score 6.5 · EPSS 0.65692
Exploits: 2 · References: 93
OpenVAS
added 2023/06/09 12:0 a.m. · 23 views

Huawei EulerOS: Security Advisory for hsqldb (EulerOS-SA-2023-2147)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 · AI score 9.6 · EPSS 0.03519
Exploits: 1 · References: 2
Tenable Nessus
added 2023/06/09 12:0 a.m. · 25 views

EulerOS 2.0 SP5 : hsqldb (EulerOS-SA-2023-2147)

According to the versions of the hsqldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote...

CVSS 9.8 · AI score 8.1 · EPSS 0.03519
Exploits: 1 · References: 2
RedHat Linux
added 2023/05/03 2:5 p.m. · 6 views

hsqldb: Untrusted input may lead to RCE attack

A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...

CVSS 9.8 · AI score 7.8 · EPSS 0.03519
Exploits: 1 · References: 6
NVD
added 2023/04/03 6:15 p.m. · 26 views

CVE-2022-43773

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled...

CVSS 8.8 · AI score 8.7 · EPSS 0.22179
Exploits: 0 · References: 1
Prion
added 2023/04/03 6:15 p.m. · 15 views

Code injection

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled...

CVSS 6.5 · AI score 8.5 · EPSS 0.22179
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2023/04/03 5:59 p.m. · 50 views

CVE-2022-43773

Hitachi Vantara Pentaho Business Analytics Server is affected by CVE-2022-43773 due to incorrect permission assignment for a critical resource when a sample HSQLDB data source with stored procedures is enabled. Affected versions include pre-9.4.0.1 and pre-9.3.0.2, as well as 8.3.x. The root caus...

CVSS 8.8 · AI score 8.7 · EPSS 0.22179
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2023/04/03 5:59 p.m. · 27 views

CVE-2022-43773 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Permission Assignment for Critical Resource

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x is installed with a sample HSQLDB data source configured with stored procedures enabled...

CVSS 8.8 · AI score 8.8 · EPSS 0.22179
Exploits: 0 · References: 1
Tenable Nessus
added 2023/03/30 12:0 a.m. · 43 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 (RHSA-2023:1514)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1514 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVSS 9.8 · AI score 8 · EPSS 0.99615
Exploits: 10 · References: 44
Tenable Nessus
added 2023/03/30 12:0 a.m. · 35 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 (RHSA-2023:1513)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1513 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVSS 9.8 · AI score 8 · EPSS 0.99615
Exploits: 10 · References: 44
Tenable Nessus
added 2023/03/30 12:0 a.m. · 104 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 (RHSA-2023:1512)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1512 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVSS 9.8 · AI score 8 · EPSS 0.99615
Exploits: 10 · References: 44
RedHat Linux
added 2023/03/29 11:44 a.m. · 90 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 9.8 · AI score 7.2 · EPSS 0.99615
Exploits: 10 · References: 33
RedHat Linux
added 2023/03/29 11:44 a.m. · 4 views

hsqldb: Untrusted input may lead to RCE attack

A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...

CVSS 9.8 · AI score 7.8 · EPSS 0.03519
Exploits: 1 · References: 6
RedHat Linux
added 2023/03/29 11:43 a.m. · 6 views

hsqldb: Untrusted input may lead to RCE attack

A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default...

CVSS 9.8 · AI score 7.8 · EPSS 0.03519
Exploits: 1 · References: 6
SUSE CVE
added 2023/02/15 6:11 a.m. · 7 views

SUSE CVE-2007-4575

HSQLDB before 1.8.0.9, as used in OpenOffice.org OOo 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."...

CVSS 9.3 · AI score 7.8 · EPSS 0.14347
Exploits: 3 · References: 4
Oracle linux
added 2023/02/09 12:0 a.m. · 27 views

hsqldb security update

1:1.8.0.10-12.0.1 - Fix possible remote code execution vulnerability CVE-2022-41853 Orabug: 34820687...

CVSS 9.8 · AI score 1.8 · EPSS 0.03519
Exploits: 1
Tenable Nessus
added 2023/02/08 12:0 a.m. · 28 views

Oracle Linux 6 : hsqldb (ELSA-2023-12103)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12103 advisory. - Fix possible remote code execution vulnerability CVE-2022-41853 Orabug: 34820687 - Backport patch, addressing CVE-2007-4576 Tenable has extracted the precedin...

CVSS 9.8 · AI score 8 · EPSS 0.03519
Exploits: 4 · References: 2
IBM Security Bulletins
added 2023/01/30 5:3 p.m. · 39 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in HSQLDB

Summary: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of HSQLDB. Vulnerability Details: CVEID: CVE-2022-41853. DESCRIPTION: HSQLDB could allow a remote attacker to execute arbitrary code on the system, caused by improper validation of user-supplied input by...

CVSS 9.8 · AI score 8.8 · EPSS 0.03519
Exploits: 1 · Affected Software: 1
Amazon
added 2023/01/24 12:0 a.m. · 37 views

Important: hsqldb

Issue Overview: Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code executio...

CVSS 9.8 · AI score 8.5 · EPSS 0.03519
Exploits: 1
Tenable Nessus
added 2023/01/24 12:0 a.m. · 32 views

Amazon Linux AMI : hsqldb (ALAS-2023-1666)

The version of hsqldb installed on the remote host is prior to 1.8.1.3-1.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1666 advisory. Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be...

CVSS 9.8 · AI score 8.1 · EPSS 0.03519
Exploits: 1 · References: 3