EUVD-2018-0758
Malware in sbrugna...
TencentOS Server 3: postgresql-jdbc (TSSA-2023:0079)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0079 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
ROS-20240807-07
A vulnerability in the implementation of the PreparedStatement.setText or PreparedStatement.setBytea methods of PgJDBC, the JDBC driver for connecting Java programs to a PostgreSQL database, is related to unsafe temporary files. Exploitation of the vulnerability could allow an attacker to disclose...
Security Bulletin: IBM InfoSphere Information Server is affected by a remote code execution vulnerability in HSQLDB (CVE-2022-41853)
Summary: A remote code execution vulnerability in HSQLDB used by IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2022-41853. DESCRIPTION: HSQLDB could allow a remote attacker to execute arbitrary code on the system, caused by improper validation of user-supplied inp...
CVE-2022-41853
CVE-2022-41853 affects hsqldb (HyperSQL DataBase). The vulnerability arises when processing untrusted input via java.sql.Statement or java.sql.PreparedStatement, where by default arbitrary static Java methods in the classpath can be invoked, enabling remote code execution. Mitigations documented ...
careerbliss.com Cross Site Scripting vulnerability OBB-1235710
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2018-1282
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation...
Information disclosure
This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation...
Enorth Webpublisher CMS SQL Injection Vulnerability
Enorth Webpublisher CMS suffers from a remote SQL injection vulnerability. Title: CVE-2015-5617 Enorth Webpublisher CMS SQL Injection from deletependingnews.jsp cbNewsid. Vendor: http://products.enorth.com.cn/bfnrglxt/index.shtml Enorth Webpublisher CMS so far of the scale of tens of...
Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection
EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods available, as described inside the associated wsdl, see file:...