
1196 matches found

NVD
added 2021/06/02 5:15 p.m. | 9 views

CVE-2020-25362

The id parameter in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

CVSS 7.5 | EPSS 0.02051
Exploits: 1 | References: 3
Prion
added 2021/06/02 5:15 p.m. | 13 views

Sql injection

The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases...

CVSS 5 | AI score 7.9 | EPSS 0.02051
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2021/06/02 4:50 p.m. | 18 views

CVE-2020-24862

The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases...

AI score 7.9 | EPSS 0.02051
Exploits: 1 | References: 3
CNNVD
added 2021/06/02 12:0 a.m. | 4 views

Sourcecodester Online Shopping Alphaware SQL Injection Vulnerability

Sourcecodester Online Shopping Alphaware is an open source online shopping system application from the Buffalo company Sourcecodester. Sourcecodester Online Shopping Alphaware version 1.0 has a SQL injection vulnerability that can be exploited by an attacker to inject an executable SQL statement to...

CVSS 7.5 | AI score 5.9 | EPSS 0.02051
Exploits: 1 | References: 3
OpenVAS
added 2021/05/27 12:0 a.m. | 16 views

Fedora: Security Advisory for python-databases (FEDORA-2021-e7fabd81fb)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 7.6 | EPSS 0.00967
Exploits: 0 | References: 2
CNVD
added 2021/05/25 12:0 a.m. | 6 views

IBM Security Guardium SQL Injection Vulnerability (CNVD-2021-37120)

IBM Security Guardium is a product of IBM in the U.S. etc. IBM Security Guardium is a suite of platforms that provide data protection capabilities. github rd is a software application. github ic etc. are open source products. github ic is a software application. IBM Security Guardium suffers...

CVSS 8.8 | AI score 7.3 | EPSS 0.0112
Exploits: 0 | References: 1
Fedora
added 2021/05/23 1:7 a.m. | 92 views

[SECURITY] Fedora 34 Update: python-databases-0.4.3-2.fc34

Databases gives you simple asyncio support for a range of databases. It allows you to make queries using the powerful SQLAlchemy Core expression language, and provides support for PostgreSQL, MySQL, and SQLite. Databases is suitable for integrating against any async Web framework, such as...

CVSS 5 | AI score 0.7 | EPSS 0.00967
Exploits: 0
ThreatPost
added 2021/05/20 8:45 p.m. | 59 views

100M Android Users Hit By Rampant Cloud Leaks

More than 100 million Android users are at risk after 23 different mobile apps were found to leak personal data in the wake of rampant cloud misconfigurations. That’s according to Check Point Research, whose researchers found that emails, chat messages, location data, passwords, photos, personal...

AI score 7.3
Exploits: 0 | References: 6
Debian
added 2021/05/13 3:0 p.m. | 43 views

[SECURITY] [DLA 2660-1] libgetdata security update

Debian LTS Advisory DLA-2660-1 | https://www.debian.org/lts/security/ | Anton Gladky | May 13, 2021 | https://wiki.debian.org/LTS ...

CVSS 9.8 | AI score 9.6 | EPSS 0.02157
Exploits: 0
Malwarebytes
added 2021/05/11 9:22 p.m. | 48 views

Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies

UPDATE 04:23 pm Pacific Time, May 12: On Wednesday, President Joe Biden signed an Executive Order that broadly directs the Commerce Department to create cybersecurity standards for companies that sell software to the federal government. The Order comes in the immediate aftermath of a ransomware...

AI score 2.4
Exploits: 0
NVD
added 2021/05/06 3:15 p.m. | 12 views

CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

CVSS 9.8 | EPSS 0.02157
Exploits: 0 | References: 5
OSV
added 2021/05/06 3:15 p.m. | 1 views

DEBIAN-CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

CVSS 9.8 | AI score 9.4 | EPSS 0.02157
Exploits: 0 | References: 1
UbuntuCve
added 2021/05/06 3:15 p.m. | 24 views

CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

CVSS 9.8 | AI score 7.7 | EPSS 0.02157
Exploits: 0 | References: 1
OSV
added 2021/05/06 3:15 p.m. | 0 views

UBUNTU-CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

CVSS 9.8 | AI score 6.4 | EPSS 0.02157
Exploits: 0 | References: 2
Vulnrichment
added 2021/05/06 2:50 p.m. | 10 views

CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

AI score 8 | EPSS 0.02157
Exploits: 0 | References: 5
Debian CVE
added 2021/05/06 2:50 p.m. | 25 views

CVE-2021-20204

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to...

CVSS 9.8 | AI score 9.9 | EPSS 0.02157
Exploits: 0
Imperva Blog
added 2021/05/06 11:45 a.m. | 33 views

Why now is the time to make database security a priority

Today, fast-growing organizations are generating data at a breakneck pace, and building up diverse database environments in order to store and share data more effectively. While these activities are the sign of a thriving business, governing and securing all this data rarely meets the pace of new...

AI score 0.6
Exploits: 0
OpenVAS
added 2021/04/30 12:0 a.m. | 6 views

PostgreSQL Trust Authentication Enabled (PostgreSQL Protocol)

Trust Authentication mode is enabled in PostgreSQL. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql"; if...

AI score 7.4
Exploits: 0 | References: 2
Microsoft Malware Protection
added 2021/04/27 4:0 p.m. | 36 views

Meet critical infrastructure security compliance requirements with Microsoft 365

Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Every operator of an industrial control system also operates an IT network to service its productivity needs. A supervisory control and data acquisition (SCADA) system operator of a power...

AI score 0.7
Exploits: 0
Gitee
added 2021/04/27 11:16 a.m. | 3 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for various areas, including web application security, penetration testing, and vulnerability research. The primary purpose of Vulhub is to provide a convenient and...

AI score 8.5
Exploits: 0