303 matches found
SUSE SLES12: apache2-mod_php72 / php72 / php72-bcmath / php72-bz2 / etc (SUSE-SU-2022:1714-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1714-1 advisory. - Fixed filtervar bypass vulnerability bsc1197644. Tenable has extracted the preceding description block directly from the SUSE security...
Mageia: Security Advisory (MGASA-2016-0159)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-27950
A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through 1.2.3.12 allows an authenticated attacker to execute arbitrary SQL commands via the id parameter to mesdocs.ajax.php in azurWebEngine/eShop. By default, the query is executed as DBA...
SUSE: Security Advisory (SUSE-SU-2014:0873-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GaussDB Kernel: Checking the Administrator Whose ID Is 10
The system administrator with the ID 10 has the highest database permissions, that is, has all system and object permissions. It is recommended that this user be used only for DBA management instead of service applications. Carefully check the operation records of this system administrator...
openGauss: Checking the Administrator Whose ID Is 10
The system administrator with the ID 10 has the highest database permissions, that is, has all system and object permissions. It is recommended that this user be used only for DBA management instead of service applications. Carefully check the operation records of this system administrator...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing
Summary Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2020-2968 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Java VM component could allow an authenticated attacker to take control of t...
openSUSE Security Update : php7 (openSUSE-2020-1356)
This update for php7 fixes the following issues : - CVE-2020-7068: Use of freed hash key in the pharparsezipfile function bsc1175223. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
CVE-2020-2978
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracl...
CVE-2020-2969
Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to...
CVE-2020-2969
Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to...
CVE-2020-2978
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracl...
CVE-2020-2978
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracl...
CVE-2020-2568
Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...
CVE-2020-2569
CVE-2020-2569 concerns the Oracle Database Server, specifically the Oracle Applications DBA component. Affected are Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The vulnerability is described as easily exploitable by a low-privileged attacker who already has Local L...
CVE-2020-2569
Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where...
Unspecified Vulnerability in Oracle Database Server (CNVD-2020-09958)
Oracle Database Server is an object-a relational database management system that provides an open, comprehensive, and integrated approach to information management. A security vulnerability exists in the Oracle Applications DBA component in Oracle Database Server 12.1.0.2, 12.2.0.1, 18c, and 19c...
Oracle Database Server CVE-2020-2569 Local Security Vulnerability
Description Oracle Database Server is prone to a local security vulnerability that exists in Oracle Applications DBA. The vulnerability can be exploited over the 'Local Logon' protocol. For an exploit to succeed, the attacker must have 'Local Logon' privilege. This vulnerability affects the...
The vulnerability of the command-line interface of the DBA-1510P router software allows a hacker to execute arbitrary operating system commands.
The vulnerability of the command-line interface of the DBA-1510P router microprogramming system exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command line. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
CVE-2019-6013
DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface CLI...