Huawei EulerOS: Security Advisory for hsqldb (EulerOS-SA-2023-2147)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : hsqldb (ALAS-2023-1666)

The version of hsqldb installed on the remote host is prior to 1.8.1.3-1.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1666 advisory. Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be...

openSUSE 15 Security Update : hsqldb (SUSE-SU-2022:3823-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:3823-1 advisory. - Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code...

Debian dla-3234 : hsqldb-utils - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3234 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3234-1 [email protected] https://www.debian.org/lts/security/...

Oracle Linux 7 : hsqldb (ELSA-2022-8560)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8560 advisory. 1:1.8.1.3-15 - Fix possible remote code execution vulnerability - Resolves: CVE-2022-41853 Tenable has extracted the preceding description block directly from t...

HyperSQL DataBase vulnerable to remote code execution when processing untrusted input

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...

CVE-2022-41853

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...

Design/Logic Flaw

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...

CVE-2022-41853 Remote code execution in HyperSQL DataBase

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...

CVE-2022-41853

Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...