92 matches found
Building a New Language for Data Processing
Building a New Language for Data Translation. In previous posts, we’ve talked about the plan for and implementation of EQR (Event Query Router)—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA
This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates 'startingWith', 'endingWith' or 'containing' could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...
DEBIAN-CVE-2018-15863
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression...
CVE-2018-15863
Unchecked NULL pointer usage in ResolveStateAndPredicate in xkbcomp/compat.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression...
libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c
A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file...
libxml2 xmlXPathCompOpEvalPositionalPredicate Memory Misreference Vulnerability
libxml2 is a C-based library developed by the GNOME project team for parsing XML documents; it supports multiple encoding formats, XPath parsing, and well-formedness and validity checking. There is a memory misreference vulnerability in libxml2's xmlXPathCompOpEvalPositionalPredicate. An attacker could cause memory...
MySQL: pre-evaluating LIKE arguments in view prepare mode causes crash (MySQL Bug#54568)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers...
CVE-2006-6931
Removed by vendor...
CVE-2001-0831
Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access...
CVE-2001-0831
The CVE-2001-0831 issue concerns Oracle Label Security in Oracle 8.1.7 and 9.0.1. The vulnerability is triggered when audit functionality, SET_LABEL, or SQL*Predicate is used, enabling local users to gain additional access. This is a local privilege escalation vulnerability affecting the listed O...