Oracle Database Server 8.1.7/9.0.x ctxsys.driload Access Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11099/info Oracle Database Server is prone to an access validation vulnerability that may permit unprivileged users to execute commands as the DBA. This could compromise the database. SQL exec ctxsys.driload.validatestmt...

Leszek Krupinski L-Forum 2.4 Search Script SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5468/info Reportedly, L-Forum is vulnerable to SQL injection attacks. The vulnerability lies in the file 'search.php' L-Forum does not properly sanitize user input that is used as part of the search parameter in the...

Oracle Database Server 9.0.x Oracle Binary Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8844/info Oracle Database Server 'oracle' binary has been reported prone to a local buffer overflow vulnerability. The issue likely presents itself due to a lack of sufficient boundary checks performed on command line...

Xpressions Interactive Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7804/info Several software products maintained by Xpressions Interactive are prone to SQL injection attacks. The vulnerability exists in the login.asp page. Specifically, user-supplied input is not sufficiently sanitized ...

openSUSE Security Update : viewvc (openSUSE-SU-2011:0529-1)

cvsdb.py in viewvc did not honor an admin defined row limit which could cause high load on the database server. viewvc was updated to version 1.1.11 which fixes the issue CVE-2009-5024. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

RHEL 5 : mysql55-mysql (RHSA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

CentOS 5 : mysql55-mysql (CESA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Debian Security Advisory DSA 2919-1 (mysql-5.5 - security update)

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.37. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:...

Debian: Security Advisory (DSA-2919-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Siemens SIMATIC WinCC Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-205-02 Siemens SIMATIC WinCC Vulnerabilities that was published July 24, 2014, on the NCCIC/ICS-CERT web site. Researchers Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai of Positive...

Oracle Database Server Multiple Unspecified Vulnerabilities-01 (Apr 2014)

Oracle Database Server is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-2408

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."...

CVE-2014-2406

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges...

CVE-2014-2406

The CVE-2014-2406 entry concerns Oracle Database Server Core RDBMS, affecting Oracle Database Server versions 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1. The vulnerability is described as unspecified, allowing remote authenticated users to impact confidentiality, integrity, and availability via u...

CVE-2014-2408

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."...

MySQL 5.5.x < 5.5.36 Multiple Vulnerabilities

The version of MySQL installed on the remote host is version 5.5.x prior to 5.5.36. It is, therefore, affected by vulnerabilities in the following components : - ENFED - Federated - Partition - Replication - XML C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73572;...

Vulnerability in other (CVE-2014-0067)

Unauthenticated users may gain access to the database server during "make check"...

MariaDB 5.5.0 < 5.5.36 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 5.5.36. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.36 advisory. - Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to...

RedHat Update for mysql55-mysql RHSA-2014:0186-01

Check for the Version of mysql55-mysql OpenVAS Vulnerability Test RedHat Update for mysql55-mysql RHSA-2014:0186-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Oracle Linux 5 : mysql55-mysql (ELSA-2014-0186)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0186 advisory. - Fix CVE-2014-0001 Related: 1055875 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...