The vulnerability of the Spatial Data component of the Windows operating system, which allows attackers to escalate their privileges

The vulnerability of the Spatial Data component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

Microsoft Windows Spatial Data Service Spatial Data Service Privilege Elevation Vulnerability

Microsoft Windows is a set of operating systems for personal devices from Microsoft.Spatial Data Service is one of the spatial data service components. A security vulnerability exists in Spatial Data Service in Microsoft Windows 10 version 1903 that stems from a program not properly handling...

Windows Spatial Data Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Spatial Data Service improperly handles objects in memory. An attacker could exploit the vulnerability to overwrite or modify a protected file leading to a privilege escalation. To exploit this vulnerability, an attacker would first...

Denial Of Service (DoS)

mysql is vulnerable to denial of service. A flaw was found in a way MySQL's InnoDB engine handled spatial indexes. An authenticated user could create a table with spatial indexes, which are not supported by the InnoDB engine, that would cause the mysql daemon to crash when used. This issue only...

August 30, 2019—KB4512941 (OS Build 18362.329)

August 30, 2019—KB4512941 OS Build 18362.329 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the...

Oracle Database Server Multiple Vulnerabilities (Jul 2019 CPU)

The remote Oracle Database Server is missing the July 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability in the Spatial component of Oracle Database Server, which could allow an authenticated, remote attacker to cause a partial...

SAP HANA Extended Application Services External Entity Injection Vulnerability

SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...

UBUNTU-CVE-2018-20536

There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1 that will cause a denial of service...

UBUNTU-CVE-2018-20539

There is a Segmentation fault triggered by illegal address access at liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1 that will cause a denial of service...

libLAS Null Pointer Dereference Vulnerability

libLAS is a C/C++ library for reading and writing the common LAS LiDAR format. A null pointer dereference vulnerability exists in liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1. An attacker could exploit this vulnerability to cause a denial of service...

libLAS Segmentation Error Vulnerability

libLAS is a C/C++ library for reading and writing the common LAS LiDAR format. A segmentation error vulnerability exists in libLAS 1.8.1. The vulnerability stems from illegal address access in liblas::SpatialReference::GetGTIF in spatialreference.cpp in libLAS. An attacker could use this...

Oracle Database Server Multiple Vulnerabilities (July 2018 CPU)

The remote Oracle Database Server is missing the July 2018 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - An unspecified vulnerability in the Oracle Spatial jackson-databind component of Oracle Database Server allows an unauthenticated, remote attacker with...

Oracle Database Server 'Oracle Spatial' Component Unspecified Vulnerability

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle JDeveloper ADF Faces Unspecified Remote Code Execution (October 2017 CPU)

The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by vulnerability in the Spatial Apache Groovy component of Oracle Database Server. Please see the vendor advisory for additional information. %NASLMINLEVEL 70300 C Tenable Network...

Oracle Database Server 'WLM' And 'Spatial' Components Multiple Unspecified Vulnerabilities

Oracle Database Server is prone to multiple unspecified security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] Fedora 26 Update: synfig-1.2.0-9.fc26.1

Synfig is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need for tweening,...

Oracle Database Server 'OJVM' Component Unspecified Vulnerability

Oracle Database Server is prone to multiple unspecified security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] Fedora 24 Update: nodejs-srs-1.1.0-3.fc24

This module tries to detect projections, also known as "spatial reference systems". It works similiarly to gdalsrsinfo...

Spatial orientation - Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Spatial orientation published at the 'play' market has multiple vulnerabilities...

The vulnerability of the Ruby on Rails software platform, which allows attackers to circumvent existing access control policies

The vulnerability in the nestedattributes.rb file of the activerecord/lib/activerecord module in the Ruby on Rails software framework is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to bypass existing access restrictions by using nested attributes ...