CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

CVE-2024-21251

CVE-2024-21251 — Oracle Database Server Java VM component affected versions: 19.3–19.24, 21.3–21.15, 23.4–23.5. Cause: insufficient input validation in the Java VM component. Impact: a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net ca...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in the Java VM of Oracle Database Server. An attacker exploiting th...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from the American company Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Oracle Database Server's XML Database. An attacker exploitin...

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

The vulnerability of the Microsoft SQL Server database management system, related to numerical truncation errors, allows an attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Microsoft SQL Server database management system is related to numerical truncation errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

Siemens SIMATIC SCADA and PCS 7 systems Remote Code Execution Vulnerability

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC process Historian, the SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS-neo long-term archiving system. It stores process values, alarms, and batch data from the production plant in its database and provides...

CVE-2024-37980

Microsoft SQL Server Elevation of Privilege Vulnerability...

CVE-2024-37338

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability...

PT-2024-6305 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for SQL Server on Windows operating systems. This can be exploited by a remote attacker to disclose...

Microsoft SQL Server 输入验证错误漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. An input validation error vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

IBM DB2 DoS (7165338) (Windows)

According to its self-reported version number, IBM Db2 on Windows is vulnerable to a denial of service as the server may crash when using a specially crafted query on columnar tables in a database partitioned environment. Note that Nessus has not tested for this issue but has instead relied only ...

The vulnerability of the InnoDB component of the MySQL Database Server, which allows a hacker to cause a service failure

The vulnerability of the InnoDB component in the MySQL Database Management System is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures using the MySQL protocol...

The vulnerability of the OLE DB driver for SQL Server, related to integer overflow, allows an attacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (June 2024)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

The vulnerability of the Java VM component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to the disclosure of information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Oracle Database Server (Jul 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. A malicious party can exploit the vulnerabilities to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Manipulation of data Circumvention of security measure Oracle ha...