CVE-2018-1487

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972...

Micro Focus Universal Configuration Management Database Server Cross-Site Request Forgery Vulnerability

Micro Focus Universal Configuration Management Database UCMDB is a suite of database software from Micro Focus UK that stores, controls and manages software and infrastructure components and their interrelationships.UCMDB Server is one of the UCMDB Server is one of the server applications. A...

Security Bulletin: Potential vulnerabilities in IBM OpenPages GRC Platform with Database

Summary These potential security vulnerabilities exist in all versions of IBM OpenPages GRC Platform with Database: See Vulnerability Details for CVE IDs. Vulnerability Details Customers who have IBM OpenPages GRC Platform with Database are potentially impacted by these vulnerabilities. CVEID:...

WordPress Pie Register Blind SQL Injection

============================================= MGC ALERT 2018-004 - Original release date: May 10, 2018 - Last revised: June 11, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score - CVE-ID: CVE-2018-10969 ============================================= I. VULNERABILITY...

[SECURITY] Fedora 27 Update: sqlite-3.20.1-3.fc27

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Oracle Database Server Java VM Unspecified Remote Code Execution (April 2018 CPU)

The remote Oracle Database Server is missing the April 2018 Critical Patch Update CPU. It is, therefore, affected by a remote code execution vulnerability as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information...

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocol...

CVE-2018-2841

The CVE-2018-2841 issue affects the Oracle Database Server Java VM component in versions 11.2.0.4, 12.1.0.2 and 12.2.0.1. According to the provided description, a low-privilege attacker with Create Session and Create Procedure privileges and network access via multiple protocols can compromise th...

CVE-2018-2841

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocol...

CVE-2018-2841

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocol...

Unspecified Vulnerability in Oracle Database Server (CNVD-2018-09081)

Oracle Database Server is an object-a relational database management system that provides an open, comprehensive, and integrated approach to information management. An unspecified vulnerability exists in the Java VM component of Oracle Database Server. An attacker could exploit this vulnerability...

Unspecified Vulnerability in Oracle Database Server (CNVD-2018-09085)

Oracle Database Server is an object-a relational database management system that provides an open, comprehensive, and integrated approach to information management. An unspecified vulnerability exists in the Oracle GoldenGate component of Oracle Database Server. An attacker could exploit this...

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

Microsoft SQL Server Default Credentials (PCI wordlist)

The SQL Server has a common password for one or more accounts. These accounts may be used to gain access to the records in the database or even allow remote command execution. TRUSTED...

mysql: Server: DML unspecified vulnerability (CPU Apr 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protoco...

Oracle Database Server Multiple Unspecified Vulnerabilities-04 (Mar 2018)

Oracle Database Server is prone to multiple unspecified security vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Content Management Component Unspecified Vulnerability-01

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Streams, AQ & Replication Mgmt Component Unspecified Vulnerability

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Core RDBMS Component Unspecified Vulnerability -02 (Mar 2018)

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server EMCTL Component Unspecified Vulnerability-01

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...