43 matches found
TencentOS Server 4: mysql (TSSA-2025:0335)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0335 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2025-42895
Due to insufficient validation of connection property values, the SAP HANA JDBC Client allows a high-privilege locally authenticated user to supply crafted parameters that lead to unauthorized code loading, resulting in low impact on confidentiality and integrity and high impact on availability o...
CVE-2025-42895
CVE-2025-42895 affects the SAP HANA JDBC Client. The vulnerability arises from insufficient validation of connection property values, allowing a high-privilege, locally authenticated user to supply crafted parameters that lead to unauthorized code loading. According to the connected sources, the ...
mysql: mysqldump unspecified vulnerability (CPU Jul 2025)
Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
PT-2024-8085 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to a memory use after free vulnerability in the Microsoft SQL Server Native Client component. This could allow a remote attacker to execute arbitrary code...
CVE-2024-37332
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability...
PT-2024-5371 · Microsoft · Sql Server Native Client Ole Db Provider
Name of the Vulnerable Software and Affected Versions: SQL Server Native Client OLE DB Provider affected versions not specified Description: The issue is related to an integer overflow in the SQL Server Native Client OLE DB Provider. Exploitation of this issue may allow a remote attacker to execu...
Component takeover in Oracle Data Provider for .NET
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful...
Code injection
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful...
CVE-2022-34558
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
PYSEC-2022-43163
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
PYSEC-2022-43174
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package...
GHSA-2XPJ-F5G2-8P7M Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
Arbitrary code execution in clickhouse-driver
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
Buffer overflow
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...
CVE-2020-26759
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...