Security Bulletin: IBM Db2 Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-29702)

Summary An IBM Db2 Server vulnerability affects IBM Emptoris Supplier Lifecycle Mgmt. Vulnerability Details CVEID: CVE-2021-29702 DESCRIPTION: Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally whe...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. (CVE-2021-29703)

Summary IBM® Db2® is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. Vulnerability Details CVEID: CVE-2021-29703 DESCRIPTION: Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service...

Tecnick.com TCExam 跨站脚本漏洞

Tecnick.com TCExam is a Web-based open source e-exam system from Tecnick.com, UK. The system is primarily used for online exams and more. TCExam suffers from a cross-site scripting vulnerability that stems from insufficient validation of user-supplied data in tceselectmediafile.php. A remotely...

openSUSE: Security Advisory for sqlite3 (openSUSE-SU-2021:1058-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:1058-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization bsc1173641 - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated...

IBM DB2 Command Injection Vulnerability

IBM DB2 is a relational database management system from the American company IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 for Linux, UNIX, and Windows including Db2 Connect Server, which stems...

OESA-2021-1252 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2021-2067)

According to the version of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in SQLite's SELECT query functionality src/select.c. This flaw allows an attacker who is capable of running SQL queries locally on...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2021-2067)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-29703

Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659...

CVE-2021-29703

Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659...

CVE-2021-29703

Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200659...

CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

Design/Logic Flaw

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

CVE-2021-29961

CVE-2021-29961 affects Mozilla Firefox (pre-89 releases). The issue is a content spoofing vulnerability where styling/rendering an oversized element failed to clip correctly, enabling an attacker to paint over the user interface. Root cause: incorrect clipping during rendering of oversized selec...

CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

CVE-2021-29961

When styling and rendering an oversized element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox 89...

CVE-2021-29702

Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658...

Design/Logic Flaw

Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658...