CVE-2016-9052

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker can simply...

CVE-2016-9050

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2016-9054

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An attacker can...

CVE-2016-9054

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An attacker can...

CVE-2016-9052

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker can simply...

CVE-2016-9054

CVE-2016-9054 describes a stack-based buffer overflow in Aerospike Database Server 3.10.0.3, exposed via the querying pathway. The vulnerability occurs in the function as_sindex__simatch_list_by_set_binid when processing a crafted packet that overflows an internal key buffer (setname_binid_typeid...

CVE-2016-9052

CVE-2016-9052 is an exploitable stack-based buffer overflow in Aerospike Database Server 3.10.0.3, triggered during a crafted index query. The vulnerability occurs in as_sindex__simatch_by_iname, which copies an index name into a fixed-size stack buffer (iname[AS_ID_INAME_SZ] = 256) using a lengt...

PT-2017-9934 · Aerospike · Aerospike Database Server

Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3 Description: An out-of-bounds read issue exists in the client message-parsing functionality. A specially crafted packet can cause an out-of-bounds read, resulting in disclosure of memory within the...

PT-2017-2402 · Aerospike · Aerospike Database Server

Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3 Description: The issue is related to a stack-based buffer overflow in the querying functionality of the Aerospike Database Server. This occurs in the as sindex simatch by iname function, allowing for...

Aerospike Database Server Buffer Overflow Vulnerability (CNVD-2017-00733)

Aerospike Database Server is a distributed, scalable NoSQL database from Aerospike, Inc. A stack-based buffer overflow vulnerability exists in Aerospike Database Server version 3.10.0.3. An attacker could exploit this vulnerability to execute arbitrary code in the context of an affected...

Aerospike Database Server Client Message Memory Disclosure Vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be use...

Aerospike Database Server Index Name Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker ca...

Aerospike Database Server Set Name Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An...

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...

Important: Red Hat Security Advisory: rh-mariadb100-mariadb security update

An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

DBD :: mysql outer boundary read information disclosure vulnerability

DBD::mysql is a Perl5 Database Interface DBI driver for MySQL. DBD :: mysql suffers from an outer boundary read information disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information...

Important: Red Hat Security Advisory: rh-mysql56-mysql security update

An update for rh-mysql56-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Debian Security Advisory DSA 3711-1 (mariadb-10.0 - security update)

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ OpenVAS...

DSA-3711-1 mariadb-10.0 - security update

Bulletin has no description...