9 matches found
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the quote function that fails to properly escape special characters. An attacker can execute arbitrary SQL commands by supplying specially crafted input values for database name or table names. Remediation Upgrade...
EUVD-2025-22483
Malicious code in bioql PyPI...
CVE-2025-8107
In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands. This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected...
CVE-2025-8107
In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands. This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected...
CVE-2025-8107
In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands. This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected...
CVE-2025-8107
CVE-2025-8107 affects OceanBase in Oracle tenant mode. A malicious user with specific privileges can escalate to SYS-level access by executing crafted commands. Affects only Oracle mode tenants; MySQL mode is unaffected. CVSS 3.1 base score 6.3 (Network, Low attack complexity, Low privileges requ...
CVE-2025-8107
In OceanBase's Oracle tenant mode, a malicious user with specific privileges can achieve privilege escalation to SYS-level access by executing carefully crafted commands. This vulnerability only affects OceanBase tenants in Oracle mode. Tenants in MySQL mode are unaffected...
PT-2025-30639 · Oceanbase · Oceanbase
Name of the Vulnerable Software and Affected Versions: OceanBase affected versions not specified Description: A malicious user with specific privileges in OceanBase’s Oracle tenant mode can achieve privilege escalation to SYS-level access by executing carefully crafted commands. This issue only...
LLM-Based Dynamic Differential Testing for Database Connectors with Reinforcement Learning-Guided Prompt Selection
Database connectors are critical components enabling applications to interact with underlying database management systems DBMS, yet their security vulnerabilities often remain overlooked. Unlike traditional software defects, connector vulnerabilities exhibit subtle behavioral patterns and are...