8751 matches found

BDU FSTEC
added 2015/10/29 12:0 a.m. | 6 views

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary web or HTML code.

The vulnerability of the Development Workbench component of the SAP HANA database management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary web or HTML code remotely...

CVSS 3.5 | AI score 5.8 | EPSS 0.0096
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2015/10/29 12:0 a.m. | 4 views

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary web or HTML code.

The vulnerability of the Development Workbench component of the SAP HANA database management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary web or HTML code remotely...

CVSS 3.5 | AI score 5.8 | EPSS 0.00954
Exploits: 0 | References: 4 | Affected Software: 1

BDU FSTEC
added 2015/10/29 12:0 a.m. | 4 views

The vulnerability of the SAP HANA database management system allows a hacker to execute arbitrary XSJS code.

The vulnerability of the Development Workbench component of the SAP HANA database management system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary XSJS code remotely...

CVSS 6.5 | AI score 5.8 | EPSS 0.0148
Exploits: 0 | References: 5 | Affected Software: 1

n0where
added 2015/10/22 9:5 p.m. | 15 views

Deliberately Insecure Web Application: OWASP WebGoat

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...

AI score 7.5
Exploits: 0 | References: 3

RedHat Linux
added 2015/10/22 6:44 p.m. | 4 views

JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

CVSS 6.9 | AI score 7.2 | EPSS 0.00412
Exploits: 0 | References: 5

OpenVAS
added 2015/10/22 12:0 a.m. | 25 views

CentOS Update for java CESA-2015:1919 centos6

Check the version of java. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882303");...

AI score 6.3
Exploits: 0 | References: 2

Cent OS
added 2015/10/21 11:24 p.m. | 92 views

java security update

CentOS Errata and Security Advisory CESA-2015:1921. Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS)...

CVSS 10 | AI score 6.6 | EPSS 0.09991
Exploits: 0 | References: 7

RedHat Linux
added 2015/10/21 9:7 p.m. | 6 views

OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911...

CVSS 5 | AI score 7.3 | EPSS 0.05288
Exploits: 0 | References: 5

RedHat Linux
added 2015/10/21 8:57 p.m. | 3 views

OpenJDK: insufficient permission checks in StubGenerator (CORBA, 8076383)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881...

CVSS 10 | AI score 7.3 | EPSS 0.07183
Exploits: 0 | References: 5

RedHat Linux
added 2015/10/21 8:57 p.m. | 56 views

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10 | AI score 6.6 | EPSS 0.09991
Exploits: 0 | References: 18

CNVD
added 2015/10/18 12:0 a.m. | 4 views

SAP HANA Developer Edition DB Eval Injection Vulnerability

SAP HANA is a high-performance real-time data analytics platform from SAP, Germany, of which SAP HANA Developer Edition DB is a development version of the database. An Eval injection vulnerability exists in the test-net.xsjs file in the Web-based Development Workbench for SAP HANA Developer Editi...

CVSS 6.5 | AI score 7.8 | EPSS 0.0148
Exploits: 0 | References: 1

Fedora
added 2015/10/17 10:56 p.m. | 16 views

[SECURITY] Fedora 22 Update: lxdm-0.4.1-10.fc22

LXDM is the future display manager of LXDE, the Lightweight X11 Desktop environment. It is designed as a lightweight alternative to replace GDM or KDM in LXDE distros. It's still in very early stage of development...

AI score 1.4
Exploits: 0

Prion
added 2015/10/15 8:59 p.m. | 22 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script or HTML via the role name, aka SAP Security Note 2153898...

CVSS 3.5 | AI score 5.7 | EPSS 0.0096
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2015/10/15 8:59 p.m. | 22 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 NewDB100REL allows remote authenticated users to inject arbitrary web script or HTML via the username, aka SAP Security Note 2153898...

CVSS 3.5 | AI score 5.7 | EPSS 0.00954
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2015/10/15 8:59 p.m. | 16 views

Sql injection

Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via unspecified vectors, aka SAP Security Note 2153892...

CVSS 6.5 | AI score 7.8 | EPSS 0.0148
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2015/10/15 8:0 p.m. | 34 views

CVE-2015-7725

Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allow remote authenticated users to execute arbitrary SQL commands via the (1) remoteSourceName in the dropCredentials function or unspecified vectors in the (2) setTraceLevelsForXsApps...

AI score 8.1 | EPSS 0.01735
Exploits: 0 | References: 13

Fedora
added 2015/10/13 5:7 p.m. | 41 views

[SECURITY] Fedora 22 Update: icu-54.1-4.fc22

Tools and utilities for developing with icu...

CVSS 9.8 | AI score 2.2 | EPSS 0.04297
Exploits: 0

Fedora
added 2015/10/13 5:4 p.m. | 13 views

[SECURITY] Fedora 22 Update: php-5.6.14-1.fc22

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

AI score 0.4
Exploits: 0

Fedora
added 2015/10/13 12:9 a.m. | 12 views

[SECURITY] Fedora 23 Update: php-5.6.14-1.fc23

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

AI score 0.4
Exploits: 0

CNVD
added 2015/09/25 12:0 a.m. | 1 view

Multiple Adobe Products Input Validation Vulnerabilities

Adobe Flash Player, Adobe AIR SDK, and Adobe AIR SDK & Compiler are products of Adobe, Incorporated. Adobe Flash Player is a multimedia player; Adobe AIR SDK and Adobe AIR SDK & Compiler are standard development kits for Adobe AIR a cross-OS runtime environment. Adobe Flash Player is a multimedia...

CVSS 10 | AI score 6.7 | EPSS 0.19871
Exploits: 1 | References: 1