3 matches found
postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limit...
postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limit...
Oracle Database Server Remote Vulnerability (CNVD-2015-00470)
Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session, Create Table' privileges using the 'Oracle Net' protocol...