20 matches found
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Progress DataDirect JDBC drivers
Summary Multiple vulnerabilities in Progress DataDirect JDBC drivers that are used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2025-10702 DESCRIPTION: Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC...
EUVD-2023-38444
Malicious code in bioql PyPI...
EUVD-2023-38443
Malicious code in bioql PyPI...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
CVE-2023-34363
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Progress DataDirect Connect for ODBC
Summary Multiple vulnerabilities in Progress DataDirect Connect for ODBC used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2023-34363 DESCRIPTION: Progress DataDirect Connect for ODBC could allow a remote attacker to obtain sensitive information, caused by...
CVE-2023-34363
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
CVE-2023-34363
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
Code injection
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
Buffer overflow
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
Progress Software DataDirect Connect 缓冲区错误漏洞
Progress Software DataDirect Connect is a data connectivity solution from Progress Software, Inc. that can run in the cloud or locally. A security vulnerability previously existed in Progress Software DataDirect Connect version 08.02.2770, which stemmed from the fact that an overly large value fo...
CVE-2023-34363
An issue was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. When using Oracle Advanced Security OAS encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanism that uses a...
PT-2023-24840 · Progress · Progress Datadirect Connect For Odbc
Name of the Vulnerable Software and Affected Versions: Progress DataDirect Connect for ODBC versions prior to 08.02.2770 for Oracle Description: A buffer overflow issue was discovered, allowing an attacker to execute code of their choice on an affected host. This occurs when an overly large value...
CVE-2023-34364
Progress DataDirect Connect for ODBC (Oracle) prior to 08.02.2770 contains a buffer overflow caused by overly large option values in a connection string, overrunning the processing buffer and enabling remote code execution. The root cause is improper bounds checking on certain connection-string o...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
CVE-2023-34364
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an...
PT-2023-24839 · Progress · Progress Datadirect Connect For Odbc
Name of the Vulnerable Software and Affected Versions: Progress DataDirect Connect for ODBC versions prior to 08.02.2770 for Oracle Description: An issue was discovered when using Oracle Advanced Security OAS encryption. If an error occurs while initializing the encryption object, the code falls...