Apache Airflow 输入验证错误漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. A code execution vulnerability exists in Apache Airflow JDBC Provider, which can be exploited by an attacker to execute arbitrary code on a system...

UBUNTU-CVE-2023-32697

SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2...

OPENSUSE-SU-2023:0064-1 Security update for trivy

This update for trivy fixes the following issues: Update to version 0.37.3 boo1208091, CVE-2023-25165: chorehelm: update Trivy from v0.36.1 to v0.37.2 3574 ci: quote pros in c++ for semantic pr 3605 fiximage: check proxy settings from env for remote images 3604 Update to version 0.37.2: BREAKING:...

SUSE CVE-2010-4474

Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269...

SUSE CVE-2018-2938

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Java DB. Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the...

VulnCheck KEV: CVE-2021-44832

Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue...

Exploit for Incorrect Type Conversion or Cast in Amazon Amazon_Web_Services_Redshift_Java_Database_Connectivity_Driver

CVE-2022-41828 Amazon AWS Redshift JDBC Driver Remote Code...

Amazon AWS Redshift JDBC Driver 代码问题漏洞

Amazon AWS is a cloud computing platform from the U.S.-based Amazon.com that provides a range of services including information technology infrastructure and applications such as storage, databases, computing, machine learning, and more to individuals, businesses, and governments. A security...

USN-5238-1: PostgreSQL JDBC Driver vulnerability

It was discovered that PostgreSQL JDBC Driver incorrectly handled certain requests from external entities. A remote attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code...

多款 VMware 产品代码问题漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

多款 VMware 产品跨站请求伪造漏洞

Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...

Jenkins dbCharts 插件安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins dbCharts Plugin is vulnerable to an information disclosure...

log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender

A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain...

EulerOS 2.0 SP5 : mysql-connector-java (EulerOS-SA-2021-1215)

According to the version of the mysql-connector-java package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the...

[SECURITY] Fedora 33 Update: mysql-connector-java-8.0.21-1.fc33

MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...

Debian: Security Advisory (DLA-2245-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mysql-connector-java FEDORA-2018-6b350bb946

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OSIsoft PI JDBC Driver and PI ODBC Driver Denial of Service Vulnerabilities

OSIsoft PI JDBC Driver and PI ODBC Driver are drivers for connecting to access databases from OSIsoft, USA. A de-security vulnerability exists in OSIsoft PI JDBC Driver and PI ODBC Driver SQL Data Access Server fails to properly process input, which could be exploited by remote attackers to submi...

Sql injection

SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager UCM 10.01 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313...

CVE-2014-0728

SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager UCM 10.01 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313...