8 matches found
VulnCheck KEV: CVE-2022-31197
PostgreSQL JDBC Driver PgJDBC for short allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contain...
openSUSE 16 Security Update : mysql-connector-java (openSUSE-SU-2025-20089-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025-20089-1 advisory. - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'....
Security update for mysql-connector-java (important)
openSUSE security update: security update for mysql-connector-java ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20089-1 Rating: important References: bsc1241693 Cross-References: CVE-2025-30706 CVSS scores: CVE-2025-30706 SUSE : 7.5...
SUSE-SU-2025:21144-1 Security update for mysql-connector-java
This update for mysql-connector-java fixes the following issues: - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'. - Fixed Resultset UPDATE methods not checking validity of ResultSet. -...
OPENSUSE-SU-2025:20089-1 Security update for mysql-connector-java
This update for mysql-connector-java fixes the following issues: - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'. - Fixed Resultset UPDATE methods not checking validity of ResultSet. -...
postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow implementation from PGSQL...
GHSA-R38F-C4H4-HQQ2 PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
Impact What kind of vulnerability is it? Who is impacted? The PGJDBC implementation of the java.sql.ResultRow.refreshRow method is not performing escaping of column names so a malicious column name that contains a statement terminator, e.g. ;, could lead to SQL injection. This could lead to...
Nortel Contact Recording Centralized Archive 6.5.1 - SQL Injection
EyrAPIConfiguration /EyrAPIConfiguration/ ... at the following url: http://host:8080/EyrAPI/EyrAPIConfiguration/EyrAPIConfigurationIf Vulnerability: without prior authentication, you can reach a web service with various methods availiable, as described inside the associated wsdl, see file:...