CVE-2016-7253

The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability."...

CVE-2016-7252

Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnerability."...

Microsoft SQL Server Information Disclosure Vulnerability

Microsoft SQL Server is the United States Microsoft Microsoft company develops and maintains a set of applications in the Microsoft Windows system under the large commercial database system. An information disclosure vulnerability exists in Microsoft SQL Server. An attacker can exploit the...

SQL Injection Vulnerability in ZYDM Parameters of Digital Campus Management System of Shanghai Pengda Computer System Development Co.

The digital campus system of Shanghai Pengda Computer System Development Co., Ltd. is a technology platform using .NET+SqlServer. NET+SqlServer technology platform. Shanghai Pengda Computer System Development Co., Ltd. digital campus management...

[SECURITY] [DSA 3706-1] mysql-5.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3706-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2016 https://www.debian.org/security/faq -...

DSA-3706-1 mysql-5.5 - security update

Bulletin has no description...

MySQL / MariaDB / PerconaDB 提权/条件竞争漏洞（CVE-2016-6663）

Release date: 01.11.2016 - Discovered by: Dawid Golunski I. VULNERABILITY ------------------------- MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition MariaDB 5.5.52 10.1.18 10.0.28 MySQL = 5.5.51 = 5.6.32 = 5.7.14 Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB...

MySQL / MariaDB / PerconaDB - 'mysql' System User Privilege Escalation / Race Condition

Exploit for linux platform in category local exploits ============================================= - Release date: 01.11.2016 - Discovered by: Dawid Golunski - Severity: Critical - CVE-2016-6663 / OCVE-2016-5616 - http://legalhackers.com ============================================= I...

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...

Important: Red Hat Security Advisory: mariadb55-mariadb security update

An update for mariadb55-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Informatica: [afocusp.informatica.com] Sql injection afocusp.informatica.com:37777

hi !There is another sql injection on host afocusp.informatica.com:37777 POC version http://afocusp.informatica.com:37777/pls/apex/f?;OWAUTIL.CELLSPRINT:1;--=select++from+v$version hostname of the database server psvlxtdapp1.inf...

CVE-2016-5572

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2016-5572

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2016-5555

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2016-5516

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors...

CVE-2016-5505

Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors...

CVE-2016-5499

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498...

CVE-2016-5498

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499...

CVE-2016-5498

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499...