3671 matches found

BDU FSTEC
added 2025/01/23 12:0 a.m. · 12 views

Vulnerability in the Server component of the Oracle MySQL Server database management system that allows an attacker to cause a service failure.

The vulnerability in the Server component of the Oracle MySQL Server database management system is caused by unrestricted allocation of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 6.8 · AI score 6.6 · EPSS 0.00983
Exploits 0 · References 5 · Affected Software 1
Tenable Nessus
added 2025/01/23 12:0 a.m. · 360 views

Oracle Database Server (January 2025 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to...

CVSS 10 · AI score 7.7 · EPSS 0.93305
Exploits 8 · References 15
Atlassian
added 2025/01/22 2:24 p.m. · 18 views

When using an Oracle DB, application properties can't be set to empty

Issue Summary: The jira.security.csp.sandbox.included.content.disposition application property accepts: an empty value, "attachment", "inline", "attachment;inline" or "inline;attachment". If Jira is installed using an Oracle database, the empty value is never set. This happens because Oracle treats...

AI score 6.8
Exploits 0
OSV
added 2025/01/21 9:15 p.m. · 2 views

CVE-2025-21553

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.25, 21.3-21.16 and 23.4-23.6. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net t...

CVSS 4.2 · AI score 7.3 · EPSS 0.00228
Exploits 0 · References 1
NVD
added 2025/01/21 9:15 p.m. · 7 views

CVE-2025-21553

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.25, 21.3-21.16 and 23.4-23.6. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net t...

CVSS 4.2 · EPSS 0.00228
Exploits 0 · References 1
CNNVD
added 2025/01/21 12:0 a.m. · 0 views

Oracle MySQL Security Vulnerability

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...

CVSS 4.9 · AI score 6 · EPSS 0.0089
Exploits 0 · References 3
Positive Technologies
added 2025/01/21 12:0 a.m. · 4 views

PT-2025-4275 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.25; Oracle Database Server versions 21.3 through 21.16; Oracle Database Server versions 23.4 through 23.6. Description: The issue is related to the Java VM component of Oracle Database Server, wher...

CVSS 4.2 · AI score 7.4 · EPSS 0.00228
Exploits 0 · References 6
CNNVD
added 2025/01/21 12:0 a.m. · 5 views

Oracle Database Server Security Vulnerability

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Oracle Database Server. An attacker could exploit the...

CVSS 4.2 · AI score 8.7 · EPSS 0.00228
Exploits 0 · References 2
Veracode
added 2025/01/03 3:25 a.m. · 10 views

SQL Injection

Django is vulnerable to SQL injection. The vulnerability exists due to the improper handling of untrusted data in the django.db.models.fields.json.HasKey lookup when used with an Oracle database, allowing attackers to execute arbitrary SQL commands...

CVSS 9.8 · AI score 7.8 · EPSS 0.01396
Exploits 0 · References 7 · Affected Software 2
OSV
added 2024/12/06 12:30 p.m. · 1 views

GHSA-M9G8-FXXM-XG86 Django SQL injection in HasKey(lhs, rhs) on Oracle

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 7.2 · EPSS 0.01396
Exploits 0 · References 7
GitHub Security Blog
added 2024/12/06 12:30 p.m. · 28 views

Django SQL injection in HasKey(lhs, rhs) on Oracle

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 7.4 · EPSS 0.01396
Exploits 0 · References 7 · Affected Software 1
PyPA
added 2024/12/06 12:15 p.m. · 7 views

PYSEC-2024-157

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 8 · EPSS 0.01396
Exploits 0 · References 4 · Affected Software 1
OSV
added 2024/12/06 12:15 p.m. · 11 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 7.4
Exploits 0 · References 3
NVD
added 2024/12/06 12:15 p.m. · 16 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · EPSS 0.01396
Exploits 0 · References 3
Vulnrichment
added 2024/12/06 12:0 a.m. · 15 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

AI score 7.5 · EPSS 0.01396
Exploits 0 · References 3
Cvelist
added 2024/12/06 12:0 a.m. · 28 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

EPSS 0.01396
Exploits 0 · References 3
CVE
added 2024/12/06 12:0 a.m. · 358 views

CVE-2024-53908

Django vulnerability CVE-2024-53908 affects Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The issue arises from direct usage of the django.db.models.fields.json.HasKey lookup when an Oracle database is used, allowing SQL injection if untrusted data is supplied as the left-han...

CVSS 9.8 · AI score 7.5 · EPSS 0.01396
Exploits 0 · References 3 · Affected Software 1
AlpineLinux
added 2024/12/06 12:0 a.m. · 7 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 8 · EPSS 0.01396
Exploits 0
OSV
added 2024/12/04 3:0 p.m. · 0 views

UBUNTU-CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

CVSS 9.8 · AI score 7.2 · EPSS 0.01396
Exploits 0 · References 3
Positive Technologies
added 2024/12/04 12:0 a.m. · 2 views

PT-2024-9187 · Django +5 · Django +5

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.17; Django versions 5.0 through 5.0.10; Django versions 5.1 through 5.1.4. Description: An issue was discovered in Django when using an Oracle database. Direct usage of the django.db.models.fields.json.HasKey look...

CVSS 9.8 · AI score 7.5 · EPSS 0.01396
Exploits 0 · References 73