[SECURITY] Fedora 44 Update: dovecot-2.4.4-1.fc44

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

[SECURITY] Fedora 43 Update: dovecot-2.4.3-2.fc43

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

USN-7153-1: PHP vulnerability

It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in locations they would not normally have access to. CVE-2024-11236...

USN-7153-1 php7.0, php7.2 vulnerability

It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in locations they would not normally have access to. CVE-2024-11236...

Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerability (USN-7153-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7153-1 advisory. It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in...

Mass Assignment

Laravel is vulnerable to Mass Assignment. The vulnerability is due to insufficient column quoting for all database drivers, which could allow attackers to perform unauthorized mass assignment operations. If using guarded and passing a user-controlled array into an "update" or "save" function,...

Vulnerabilities fixed in Micorosft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. The vulnerabilities are located in the various ODBC and OLE DB drivers and allow a malicious party to execute arbitrary code execute application privileges, potentially gaining access gain access to sensitive data. Successful abuse requires the...

Microsoft OLE 安全漏洞

Microsoft OLE is an object-oriented technology from Microsoft Corporation USA. A security vulnerability exists in Microsoft OLE. The following products and versions are affected:Microsoft SQL Server 2019 for x64-based Systems GDR,Microsoft SQL Server 2022 for x64-based Systems GDR,Microsoft OLE D...

PT-2023-2428 · Microsoft · Odbc +2

Name of the Vulnerable Software and Affected Versions: Microsoft ODBC and OLE DB affected versions not specified Description: The issue exists due to insufficient input validation in the Windows operating system's ODBC and OLE DB drivers. Exploitation of this issue may allow a remote attacker to...

SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database

Impact Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches This problem has been patched on Laravel...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2016-0702)

Summary An OpenSSL vulnerability was disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain...

Security Bulletin: A security vulnerability in OpenSSL affects IBM Rational ClearQuest (CVE-2018-0739)

Summary OpenSSL vulnerabilities were disclosed on March 27 2018 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...