KLA12389 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...

Microsoft Windows Multiple Vulnerabilities (KB5003172)

This host is missing a critical security update according to Microsoft KB5003172 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability...

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability...

Remote code execution

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability...

EUVD-2021-15134

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability...

Security update 2021-05-11

...

KLA12175 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SharePoint c...

KLA12174 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...

The vulnerability of the authentication policy for the “Red Database” database management systems, related to errors in authentication data verification, allows attackers to increase their privileges.

The vulnerability of the authentication policy for the “Red Database” database management systems is related to an error in verifying authentication data. Exploiting this vulnerability can allow attackers, operating remotely, to increase their privileges...

The vulnerability of the “Red Database” and Firebird database management systems, related to the lack of measures taken to protect SQL query structures, allows attackers to execute arbitrary code.

The vulnerability of the "Red Database" and Firebird database management systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by executing incorrectly formed SQL statements...

The vulnerability of the UDF subsystem of the “Red Database” and Firebird database management systems allows attackers to execute arbitrary code.

The vulnerability of the UDF subsystem in the “Red Database” and Firebird database management systems is related to errors during the execution of user-defined functions. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

Oracle Releases Critical Patch Update

Oracle has released its Critical Patch Update for October 2009 to address 38 vulnerabilities across several database and server products. The update contains the following security fixes: 16 for the Oracle Database 3 for the Oracle Application Server 8 for the Oracle E-Business Suite and...

APEX Password Hash Disclosure

Name Unprivileged DB users can see APEX password hashes Systems Affected APEX 3.0 optional component of 11.1.0.7 installation Severity High Risk Category Password Disclosure Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com CVE CVE-2009-0981 Advisory 14...

SQL Injection in package DBMS_AQIN

Name SQL Injection in package DBMSAQIN CVE-2009-0992 Systems Affected Oracle 10.1.0.5 - 11.1.0.7 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com CVE CVE-2009-0992 Advisory 14 April 2009 V 1.00 Details: The...

SQL Injection in package DBMS_AQADM_SYS

Name SQL Injection in package DBMSAQADMSYS CVE-2009-0977 Systems Affected Oracle 9.2.0.8 - 10.2.0.3 Severity Medium Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Franz Hll fh at red-database-security.com CVE CVE-2009-0977 Advisory 14 April 2009 V 1.00 Details: The package...

Unprivileged DB users can see APEX password hashes

Name Unprivileged DB users can see APEX password hashes Systems Affected APEX 3.0 optional component of 11.1.0.7 installation Severity High Risk Category Password Disclosure Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com CVE CVE-2009-0981 Advisory 14...

[Full-disclosure] Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]

Oracle - Hardcoded Password and Password Reset of OUTLN User DB13 Systems Affected 9i Rel. 1 - 10g Rel. 2 Severity High Risk Category Hardcoded Default Password & Password Reset Vendor URL http://www.oracle.com/ Author Alexander Kornbrust Advisory 16 April 2008 V 1.00 Advisory URL...

Oracle Security: SQL Injection in package DBMS_PRVTAQIS

SQL Injection in package DBMSPRVTAQIS This advisory http://www.red-database-security.com/advisory/oraclesqlinjectiondbmsprvtaqis.html Name SQL Injection in package DBMSPRVTAQIS DB02 Systems Oracle 9i Rel.1 - 10g Rel. 1 Severity High Risk Category SQL Injection Author Alexander Kornbrust ak at...

Bypass Oracle Logon Trigger

Bypass Oracle Logon Trigger Name Bypass Oracle Logon Trigger 7826485 DB05 Systems Affected Oracle 8-10g Rel. 2 Severity High Risk Category Bypass Security Feature Database Logon Trigger Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com CVE Advisory 17...