EUVD-2004-1363

Malware in sbrugna...

Synology Video Station command injection and multiple SQL injection vulnerabilities

------------------------------------------------------------------------ Synology Video Station command injection and multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Han Sahin, September 2015...

Synology Video Station 1.5-0757 - Multiple Vulnerabilities

------------------------------------------------------------------------ Synology Video Station command injection and multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Han Sahin, September 2015...

Oracle Database Server Multiple Unspecified Vulnerabilities

Oracle database server is prone to SQL command execution vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CA Total Defense Suite UNCWS Multiple Report Stored Procedure SQL Injections (CVE-2011-1653)

CA Total Defense combines CA Anti-Virus, CA Anti-Spyware, CA Gateway Security and CA Host-Based Intrusion Prevention System. The unified network control UNC offers network access protection by validating endpoints requesting network access. Multiple SQL Injection vulnerabilities have been reporte...

Oracle Database SUBSCRIPTION_NAME Parameter SQL Injection (CVE-2005-1197)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided to the database user i...

Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit

Exploit for multiple platform in category local exploits ======================================================= Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit ======================================================= // /Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit/ /grant DBA...

Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit

Exploit for multiple platform in category local exploits ============================================================= Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit ============================================================= // /Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL...

[Full-disclosure] Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]

Oracle - Hardcoded Password and Password Reset of OUTLN User DB13 Systems Affected 9i Rel. 1 - 10g Rel. 2 Severity High Risk Category Hardcoded Default Password & Password Reset Vendor URL http://www.oracle.com/ Author Alexander Kornbrust Advisory 16 April 2008 V 1.00 Advisory URL...

Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection (2)

Oracle 10g KUPV$FT.ATTACHJOB - SQL Injection 2 !/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g - Version 2 - New "evil cursor injection" tip! - No "create procedure" privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged...

Oracle October 2005 CPU Problems

Examining the Oracle October 2005 Critical Patch Update in depth, NGSResearchers discovered a number of problems which have all since been reported to Oracle. As well as new vulnerabilities and problems with the patches for old vulnerabilities, the October 2005 CPU fails to install the patched...

[AppSecInc Team SHATTER Security Advisory] SQL Injection in CREATE_SCN_CHANGE_SET procedure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SQL Injection in CREATESCNCHANGESET procedure AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle/2005-05.html April 18, 2005 Affected versions: Oracle Database Server version 10g Risk level: High Credits: This...

CVE-2004-1366

Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges...

Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i

Researchers at NGSSoftware have discovered multiple high risk vulnerabilities in the Oracle Database Server. Versions affected include Oracle Database 10g - All Releases Oracle9i Database Server - All Releases The vulnerabilities include PL/SQL Injection vulnerabilities that allow low privileged...

Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H)

NGSSoftware Insight Security Research Advisory Name: Oracle 10g/9i Multiple PL/SQL injection vulnerabilities Systems Affected: Oracle 10g/AS on all operating systems Severity: High risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

CVE-2004-1366

Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges...