Oracle Database SQL Compiler Access Control Security Bypass (CVE-2007-3855)
There exists a security bypass vulnerability in the Oracle Database Server product. Specifically, the flaw exists due to improper enforcement of user permissions on data access to tables through certain types of views. A remote authenticated attacker may use this vulnerability to perform UPDATE,...
Solaris KCMS + TTDB Arbitrary File Read
This module targets a directory traversal vulnerability in the kcmsserver component from the Kodak Color Management System. By utilizing the ToolTalk Database Server's TTISBUILD procedure, an attacker can bypass existing directory traversal validation and read arbitrary files. Vulnerable systems...
Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection (CVE-2010-0870)
Oracle Database Server is an enterprise-level relational database application suite. A SQL injection vulnerability has been reported in Oracle Database Server. The vulnerability is due to input validation errors in certain procedures of the DBMS_CDC_PUBLISH package. A remote attacker may exploi...
Memory corruption
Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to the SPDELBAKEXPIRED procedure in wdmdll.dll, which triggers memory corruption...
CVE-2010-2159
Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to the SPDELBAKEXPIRED procedure in wdmdll.dll, which triggers memory corruption...
CVE-2010-2159
Technical details (affected products, versions, exploit vectors, or fixes) are not publicly provided in the connected documents. Monitor for updates.
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
Debian Security Advisory DSA-2057-1 http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq ...
DM Database Server Memory Corruption
DM Database Server Memory Corruption Vulnerability. Vulnerable: All Version. Vendor: www.dameng.com. Discovered by: Shennan Wang, HuaweiSymantec SRT. Details: A vulnerability in DM Database Server all version allows attacker to execute arbitrary code or cause a DoS (Denial of...
CentOS 5 : postgresql (CESA-2010:0429)
Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
RHEL 5 : mysql (RHSA-2010:0442)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0442 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and...
CentOS 4 : postgresql (CESA-2010:0428)
Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
Vulnerability in core server (CVE-2010-1169)
A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled...
Vulnerability in core server (CVE-2010-1170)
Insecure permissions on the pltclmodules table could allow an authenticated user to run arbitrary Tcl code on the database server if PL/Tcl is installed and enabled...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings,...
PostgreSQL < 8.4.4/8.3.11/8.2.17/8.1.21/8.0.25/7.4.29 Multiple Vulnerabilities
Oracle Database DBMS_JVM_EXP_PERMS System Command Execution (CVE-2010-0866; CVE-2010-0867)
Oracle Database server is an enterprise-level relational database application suite. A privilege escalation vulnerability exists in Oracle Database server that can allow users with limited privileges to execute arbitrary operating system commands on a target server. The vulnerability is due to an...
IBM DB2 Database Server SQL REPEAT Buffer Overflow
IBM DB2 Database is a relational database management system that consists of a set of services that work together to provide data processing functionality. A heap buffer overflow vulnerability has been reported in IBM DB2 Database Server. The vulnerability is due to an integer overflow that can...
Oracle Releases Critical Patch Update for April 2010
Oracle has released its Critical Patch Update for April 2010 to address 47 vulnerabilities across several products. This update contains the following security fixes: 7 for Oracle Database Server, 5 for Oracle Fusion Middleware, 1 for Oracle Collaboration Suite, 8 for Oracle Application Suite, 4 for...
Apache CouchDB Unauthenticated Administrative Access
Nessus was able to perform administrative actions on the remote CouchDB server without providing authentication. A remote attacker could exploit this to take control of the CouchDB server. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(45434); script_version("$Revision:...