[SECURITY] Fedora 43 Update: roundcubemail-1.6.14-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 44 Update: roundcubemail-1.7~rc5-1.fc44

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVE-2026-27005

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary SQL into queries executed against databases connected to Chartbrew MySQL, PostgreSQL. This allows...

CVE-2026-27005

Chartbrew prior to version 4.8.3 is vulnerable to unauthenticated SQL injection in queries executed against connected databases (MySQL, PostgreSQL). The root cause is arbitrary SQL being injected via user-supplied input in queries, potentially allowing reading, modification, or deletion of data d...

API Attack Awareness: Injection Attacks in APIs – Old Threat, New Surface

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume...

This Week in Spring - March 7th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's an amazing week, and this week we've got a lot to look at. Let's dive right into it. Spring Cloud Function for Azure Function Spring Data 2022.0.3 and 2021.2.9 released Spring R2DBC for Reactive Relational Databases in...

What's the Value of a Key-Value Store?

A database back end for your application is vital, and odds are that your database is a relational database or a "not only SQL" NoSQL database. Relational databases have dominated the software industry for decades, even as other technologies have radically changed around it. A relational database...

Introduction to SQL: Examples, Best Practices and Pitfalls

SQL Structured Query Language has been with us for more than half a century and it’s not going away anytime soon. Popular in both traditional relational databases and newer NoSQL databases technologies, SQL is widely used for data analytics, Big Data processing, coding languages, and more. I’m a...

CVE-2017-18410

In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server SEC-284...

Important: Red Hat Security Advisory: rsyslog7 security update

Updated rsyslog7 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RedHat Update for rsyslog RHSA-2014:1397-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...