Lucene search

676 matches found

Veracode
added 2024/05/13 12:41 p.m. | 11 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the kcvarcol component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.6 | EPSS 0.00382
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2024/05/13 12:41 p.m. | 13 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the dvcompare component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.6 | EPSS 0.00083
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2024/05/13 12:40 p.m. | 11 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the strhash component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.6 | EPSS 0.00083
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2024/05/13 12:40 p.m. | 6 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the gpfnotice component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.1 | EPSS 0.00154
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2024/05/13 12:40 p.m. | 5 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the sqlounionscope component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.1 | EPSS 0.00083
Exploits: 1 | References: 2 | Affected Software: 1

Veracode
added 2024/05/13 12:40 p.m. | 11 views

SQL Injection

openlink virtuoso-opensource is vulnerable to SQL Injection. The vulnerability is due to an issue in the psiginfo component, enabling attackers to cause a DoS via crafted SQL statements...

CVSS 7.5 | AI score 7.6 | EPSS 0.00072
Exploits: 1 | References: 2 | Affected Software: 1

Tenable Nessus
added 2024/05/11 12:00 a.m. | 41 views

RHEL 7 : virtuoso-opensource (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - virtuoso-opensource: Crash in boxdeserializereusing function (CVE-2023-48952) - An issue in the libcmalloc...

AI score 8.4 | EPSS 0.00382
Exploits: 33 | References: 33

OSV
added 2024/05/01 12:00 a.m. | 35 views

DLA-3805-1 qtbase-opensource-src - security update

Bulletin has no description...

CVSS 9.8 | AI score 6.7 | EPSS 0.00354
Exploits: 1

OpenVAS
added 2024/05/01 12:00 a.m. | 21 views

Debian: Security Advisory (DLA-3805-1)

The remote host is missing an update for the Debian...

CVSS 9.8 | AI score 9 | EPSS 0.00354
Exploits: 1 | References: 2

Debian
added 2024/04/30 10:47 p.m. | 29 views

[SECURITY] [DLA 3805-1] qtbase-opensource-src security update

Debian LTS Advisory DLA-3805-1 https://www.debian.org/lts/security/ Thorsten Alteholz May 01, 2024 https://wiki.debian.org/LTS -...

CVSS 9.8 | AI score 7.6 | EPSS 0.00354
Exploits: 1

Vulnrichment
added 2024/04/25 4:56 p.m. | 11 views

CVE-2024-32467 MeterSphere vulnerable to unauthorized viewing by workspace members

MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue...

CVSS 5.7 | AI score 6.5 | EPSS 0.0007
Exploits: 1 | References: 1

BDU FSTEC
added 2024/04/03 12:00 a.m. | 1 view

The vulnerability of the box_add() function in the virtuoso-opensource web application development platform allows a hacker to trigger a service failure.

The vulnerability of the box_add() function in the virtuoso-opensource web application development platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures after executing the SELECT operator...

CVSS 7.8 | AI score 7.2 | EPSS 0.00067
Exploits: 1 | References: 3 | Affected Software: 2

Redos
added 2024/04/02 12:00 a.m. | 19 views

ROS-20240402-15

A vulnerability in the virtuoso-opensource web application development platform allows a Denial of Service (DoS) to be triggered using specially crafted SQL statements. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service A...

CVSS 8.8 | AI score 7.2 | EPSS 0.0011
Exploits: 5

NVD
added 2024/03/14 7:15 p.m. | 9 views

CVE-2024-27301

Support App is an open-source application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used...

CVSS 7.3 | AI score 7.3 | EPSS 0.00079
Exploits: 1 | References: 2

OSV
added 2024/03/14 6:37 p.m. | 15 views

CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp

Support App is an open-source application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used...

CVSS 7.3 | AI score 7.7 | EPSS 0.00079
Exploits: 1 | References: 4

Vulnrichment
added 2024/03/14 6:37 p.m. | 20 views

CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp

Support App is an open-source application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used...

CVSS 7.3 | AI score 7.9 | EPSS 0.00079
Exploits: 1 | References: 2

OpenVAS
added 2024/03/08 12:00 a.m. | 11 views

Fedora: Security Advisory for java-diff-utils (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 | AI score 9.2 | EPSS 0.45835
Exploits: 3 | References: 2

Fedora
added 2024/03/07 10:33 p.m. | 18 views

[SECURITY] Fedora 40 Update: java-diff-utils-4.12-7.fc40

Diff Utils library is an OpenSource library for performing the comparison / diff operations between texts or some kind of data: computing diffs, applying patches, generating unified diffs or parsing them, generating diff output for easy future displaying like side-by-side view and so on...

CVSS 8.8 | AI score 9.2 | EPSS 0.45835
Exploits: 3

Amazon
added 2024/01/09 12:00 a.m. | 2 views

Important: virtuoso-opensource

Issue Overview: An issue in the boxdiv function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. (CVE-2023-48948) An issue in the boxadd function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of...

CVSS 8.8 | AI score 7 | EPSS 0.00108
Exploits: 4

Tenable Nessus
added 2024/01/09 12:00 a.m. | 33 views

Amazon Linux 2 : virtuoso-opensource (ALAS-2024-2383)

The version of virtuoso-opensource installed on the remote host is prior to 7.2.11-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2383 advisory. An issue in the boxdiv function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of...

CVSS 8.8 | AI score 7.3 | EPSS 0.00108
Exploits: 4 | References: 10
