The vulnerability of the Server:DDL component of the Oracle MySQL database management system allows a hacker to cause a service failure.
The vulnerability of the Server:DDL component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using the MySQL network protocol...
SQL Injection Vulnerability in Website Building System of Shanghai Yijue Network Technology Co.
Shanghai Yijue Network Technology Co., Ltd. is a joint-stock enterprise engaged in corporate website construction, website revision, website maintenance, website promotion, 400 phone for website business. There is a SQL injection vulnerability in the website construction system of Shanghai Yijue...
CVE-2019-2226
In deviceclasstoint of deviceclass.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8...
Xingtai Tenghe Network Technology Co., Ltd. website building system has SQL injection vulnerabilities
Xingtai Tenghe Network Technology Co., Ltd. is a company that provides comprehensive Internet solutions. Xingtai Tenghe Network Technology Co., Ltd. has a SQL injection vulnerability in its website builder system, which can be exploited by attackers to obtain sensitive server information...
CVE-2009-5041
overkill has buffer overflow via long player names that can corrupt data on the server machine...
CVE-2009-5041
CVE-2009-5041 describes a buffer overflow in the affected system caused by excessively long player names, potentially corrupting data on the server. The connected documents do not specify the exact product/version or a fix. NVD lists a network attack surface with high impact (CVSS v2: 7.5; CVSS v...
Xuzhou Mengchuang Information Technology Co., Ltd. website building system has file upload vulnerability
Vlcms is subordinate to Xuzhou Mengchuang Information Technology Co., Ltd. and Jiangsu Vlcms Network Technology Co., Ltd. and has been focusing on providing technical products and services in the game industry for 9 years, providing professional and scalable game operation technical solutions for...
SQL Injection Vulnerability in Imago CRM Customer Management System
Today's CRM is a mobile customer management system software. An SQL injection vulnerability exists in the CRM customer management system, which can be exploited by an attacker to obtain sensitive information from the server...
CVE-2019-15035
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1...
Arbitrary File Read Vulnerability in Zendo Project Management System
The Zendo project management system, developed by Qingdao Easoft Tianchuang Network Technology Co., Ltd, is domestic open source project management software. It integrates product management, project management, quality management, document management, organizational management and transaction management...
SQL injection in Android app content provider (NC-SA-2019-005)
The content provider of the app accepted arbitrary strings in the field list of the returned file list. This allowed an attacker to run harmful queries, destroying the local cache of the android app. The server data however was never in danger, so removing the account and setting it up again can...
Security Bulletin: A vulnerability in Apache Solr affects IBM InfoSphere Information Server
Summary: A vulnerability in Apache Solr was addressed by IBM InfoSphere Information Server. Vulnerability Details: CVE-ID: CVE-2019-0192. Description: Apache Solr could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization of untrusted data flaw in...
CVE-2019-4047
IBM Jazz Reporting Service JRS 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243...
CVE-2019-2618
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
Medium: mysql57
Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Kingsoft AntiVirus Add User Interception Bypass Vulnerability
Kingsoft AntiVirus is a highly intelligent anti-virus software officially developed by Kingsoft. There is an interception bypass vulnerability in Kingsoft AntiVirus Add User. Attackers can use this vulnerability to add unauthorized users and obtain server information...
Ltd. Cloud Capture Any Content Plugin has an arbitrary file read vulnerability
The Cloud Capture Any Content Plugin by Heyuan Zhongda Culture Media Co. is a free collection plugin. There is an arbitrary file reading vulnerability in the Heyuan Zhongda Culture Media Limited Cloud Capture Any Content Plugin. Attackers can use this vulnerability to obtain sensitive information o...
CVE-2018-1247
RSA Authentication Manager Security Console, version 8.3 and earlier, contains an XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted to the application...