476 matches found
PT-2023-25559 · Monetdb +1 · Monetdb Server +1
Name of the Vulnerable Software and Affected Versions: MonetDB Server versions 11.45.17 through 11.46.0 Description: The issue in the GDKfree component allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Recommendations: For versions 11.45.17 and 11.46.0, update to a...
PT-2023-25552 · Monetdb +1 · Monetdb Server +1
Name of the Vulnerable Software and Affected Versions: MonetDB Server versions 11.45.17 through 11.46.0 Description: The issue in the rel_deps component allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Recommendations: For MonetDB Server versions 11.45.17 through...
Code injection
The SQL*Net inspection engine in Cisco ASA Software 7.2 before 7.2(5.13), 8.2 before 8.2(5.50), 8.3 before 8.3(2.42), 8.4 before 8.4(7.15), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reloa...
SQLite Browser 2.0b1 - Local DoS Vulnerability
No description provided by source. Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the application to freeze and finally crash. The bug is th...
SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability
No description provided by source. SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability Vendor: SetSeed Product web page: http://www.setseed.com Affected version: 5.8.20 Summary: SetSeed is a self-hosted CMS which lets you rapidly build and deploy complete websites and online stores...
MGASA-2013-0238 Updated phpmyadmin packages fix security vulnerabilities
Using a crafted SQL query, it was possible to produce an XSS on the SQL query form (PMASA-2013-8, CVE-2013-4995). In the setup/index.php, using a crafted hash with a Javascript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...
CVE-2011-4634
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name, related to the Database rename panel; (3) a crafted S...
Sybase Advantage Data Architect Heap Overflow
Exploit Title: Sybase Advantage Data Architect ".SQL" Format Heap Overflow RCE Date: 2010-10-16 Author: d0lc3 @rmallof - http://elotrolad0.blogspot.com/ Software Link: http://www.sybase.com/products/databasemanagement/advantagedatabaseserver/data-architect-utility Version: 10.0 Tested on: Windows ...
SQLite Browser 2.0b1 - Local Denial of Service
SQLite Browser 2.0b1 - Local Denial of Service Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the application to freeze and finally crash. T...
SQLite Browser 2.0b1 - Local Denial of Service
Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the application to freeze and finally crash. The bug is the SQL query processor engine, it...
CVE-2003-1573
The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun...
Preemptive Protection against Microsoft SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability (MS09-004)
A remote code execution vulnerability has been reported in Microsoft SQL Server. Microsoft SQL Server is a relational database management system (RDBMS). The flaw is in the way that SQL Server checks parameters in the "sp_replwritetovarbin" extended stored procedure. By sending a specially crafted S...
Buffer overflow
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability. Title : UStore 1.0 detail.asp Remote SQL Injection Vulnerability...