2 matches found
Breaking Oracle Database VPD Through DDL Permissions In 19c
Title: Breaking Oracle Database VPD Virtual Private Database Through DDL Permissions in 19c Product: Database Manufacturer: Oracle Affected Versions: 19c Tested Versions: 19c Risk Level: Low Author of Advisory: Emad Al-Mousa Vulnerability Details: By design VPD security feature protects against a...
MGASA-2014-0222 Updated postgresql packages fix multiple vulnerabilities
Updated postgresql packages fix security vulnerabilities: Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role memb...