[SECURITY] Fedora 36 Update: golang-github-ledisdb-0.6-5.20210112gitd35789e.fc36

Ledisdb is a high-performance NoSQL database library and server written in Go. It's similar to Redis but store data in disk. It supports many data structures including kv, list, hash, zset, set. LedisDB now supports multiple different databases as backends...

vulhub

This repository is an open-source collection of vulnerable web applications and environments for security research and training. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to...

WordPress plugin Adminer Login 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Adminer Login version 1.4.4 contains a security vulnerability that can be exploited by...

Important: Red Hat Security Advisory: rsyslog and rsyslog7 security update

An update for rsyslog and rsyslog7 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

GHSA-HJ36-V72X-CC6J Missing permission checks in Jenkins Database Plugin

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. Database Plugin 1.7 requires Overall/Administer permission for the affected form...

GRANDCOM DynWEB SQL注入漏洞

GRANDCOM DynWEB is the login management interface for a content management system from GRANDCOM Slovakia. A security vulnerability exists in GRANDCOM DynWEB versions prior to 4.2, which stems from a back-end login script that does not validate and clean up user-supplied strings. An unauthenticate...

DEA Investigating Breach of Law Enforcement Data Portal

The U.S. Drug Enforcement Administration DEA says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment...

[SECURITY] Fedora 35 Update: galera-26.4.11-1.fc35

Galera is a fast synchronous multi-master wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see http://launchpad.net/wsrep. For a description of Galera replication engine see http://www.codership.com...

Fedora: Security Advisory for recutils (FEDORA-2022-17787e290f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: galera-26.4.11-1.fc36

Galera is a fast synchronous multi-master wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see http://launchpad.net/wsrep. For a description of Galera replication engine see http://www.codership.com...

[SECURITY] Fedora 36 Update: recutils-1.9-1.fc36

Recutils is a set of tools and libraries to access human-editable, text-based databases called recfiles. The data is stored as a sequence of records, each record containing an arbitrary number of named fields...

[SECURITY] Fedora 36 Update: moby-engine-20.10.14-1.fc36

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

Delta Electronics DIAEnergie SQL Injection Vulnerability (CNVD-2022-36028)

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

Fedora: Security Advisory for recutils (FEDORA-2022-4e6bd7ca62)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: recutils-1.9-1.fc35

Recutils is a set of tools and libraries to access human-editable, text-based databases called recfiles. The data is stored as a sequence of records, each record containing an arbitrary number of named fields...

US and China Exposed Most Databases Among 308,000 Discovered in 2021

By Waqas In total, 308,000 unsecured databases were found exposing sensitive assets worldwide of which around 90,000 databases have already… This is a post from HackRead.com Read the original post: US and China Exposed Most Databases Among 308,000 Discovered in 2021...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system for monitoring and analyzing energy consumption in real time, calculating energy consumption and load characteristics, optimizing equipment performance, improving production processes and maximizing energy efficiency. Delta...

[SECURITY] Fedora 35 Update: moby-engine-20.10.14-1.fc35

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

[SECURITY] Fedora 34 Update: moby-engine-20.10.14-1.fc34

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...

Design/Logic Flaw

Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called ATTACH DATABASE, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, then it can attach...