2885 matches found
Theo CMS 2.0 SQL Injection
============================================= MGC ALERT 2017-004 - Original release date: July 11, 2017 - Last revised: August 12, 2017 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...
CVE-2017-10202
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to...
Design/Logic Flaw
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to...
CVE-2017-10120
CVE-2017-10120 affects Oracle Database Server 12.1.0.2 in the RDBMS Security component. The vulnerability allows a local attacker with Create Session and Select Any Dictionary privileges to compromise RDBMS Security, potentially enabling unauthorized update/insert/delete of some data (I: LOW; A/N...
CVE-2017-10120
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure where RDBMS...
mysql: Server: DDL unspecified vulnerability (CPU Apr 2017)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protoco...
[SECURITY] [DLA 1043-1] mysql-5.5 security update
Package : mysql-5.5 Version : 5.5.57-0+deb7u1 CVE ID : CVE-2017-3635 CVE-2017-3636 CVE-2017-3641 CVE-2017-3648 CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 Debian Bug : 868788 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to t...
Unspecified Vulnerability in Oracle Database Server (CNVD-2017-18569)
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1 contain a security vulnerability in the OJVM implementation that can be...
Unspecified Vulnerability in Oracle Database Server (CNVD-2017-18568)
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. Oracle Database Server version 12.1.0.2 has a security vulnerability in the RDBMS Security implementation, which can be exploited by a...
UBUNTU-CVE-2017-3640
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Oracle Database Server 'OJVM' Component Unspecified Vulnerability
Oracle Database Server is prone to multiple unspecified security vulnerabilities.
Oracle Releases Biggest Update Ever: 308 Vulnerabilities Patched
Oracle admins are today staring down the barrel of the biggest quarterly Critical Patch Update ever. The numbers are gory: 308 vulnerabilities patched, 165 of which are remotely exploitable, across more than 90 products. So far in 2017, Oracle has patched 878 vulnerabilities through three CPUs...
phpMyAdmin Elevation of Privilege Vulnerability
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. An elevation of privilege vulnerability exists in phpMyAdmin. An attacker can exploit this vulnerability to connect to an arbitrary MySQL server...
The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system allows a perpetrator to execute arbitrary code.
The vulnerability of the RW-message structure in the Aerospike Database Server of the Oracle Database database management system is related to unvalidated array indexing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code read from beyond the memory limit using a...
The vulnerability of the packet transfer function in the Aerospike Database Server of the Oracle Database database management system allows a hacker to execute arbitrary code.
The vulnerability of the packet transfer function in the Aerospike Database Server of the Oracle Database database management system is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code writing beyond the memory bound...
IBM DB2 Buffer Overflow Vulnerability (CNVD-2017-14908)
IBM DB2 Universal Database Server is a commercial relational database system. A buffer overflow vulnerability exists in IBM DB2. A local attacker could exploit this vulnerability to execute arbitrary code...
[SECURITY] Fedora 26 Update: mariadb-10.1.24-3.fc26
MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...
Oracle Database Server Authentication Bypass Vulnerability
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. An authentication bypass vulnerability exists in Oracle Database Server. An attacker could use this vulnerability to bypass the...
[SECURITY] Fedora 26 Update: community-mysql-5.7.18-2.fc26
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CVE-2017-3486
Vulnerability in the SQLPlus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQLPlus executes to compromise...