CVE-2025-65104 Firebird: Information leak vulnerability in firebird3 client when used with newer server

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or...

CVE-2025-65104 Firebird: Information leak vulnerability in firebird3 client when used with newer server

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or...

DataEase 安全漏洞

DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in operations. DataEase versions 2.10.20 and earlier contain security vulnerabilities...

TencentOS Server 3: .NET 8.0 (TSSA-2024:0048)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2016-5517

Malware in sbrugna...

EUVD-2022-43001

Malicious code in bioql PyPI...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2023-33993

B1i module of SAP Business One - version 10.0, application allows an authenticated user with deep knowledge to send crafted queries over the network to read or modify the SQL data. On successful exploitation, the attacker can cause high impact on confidentiality, integrity and availability of the...

CVE-2022-3641

Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2024-11671

CVE-2024-11671 concerns Devolutions Remote Desktop Manager on Windows. Multiple sources confirm an improper authentication flaw in the SQL data source MFA validation, enabling an authenticated user to bypass MFA by switching data sources. Affected product/version: Devolutions Remote Desktop Manag...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

PT-2024-17179 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.3.17 and earlier Description: The issue is related to improper authentication in SQL data source MFA validation, allowing an authenticated user to bypass the MFA validation via data source...

Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)

Summary A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation resulting in a bypass of security restrictions. Microsoft .NET Core is used by IBM Robotic Process Automation as part of it's development platform. This bulletin identifies the security fixes to apply to address...

BIT-DOTNET-2024-0056 Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability...

CentOS 8 : .NET 8.0 (CESA-2024:0150)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0150 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

CentOS 8 : .NET 6.0 (CESA-2024:0158)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0158 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

CentOS 8 : .NET 7.0 (CESA-2024:0157)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0157 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

Oracle Linux 8 : .NET / 7.0 (ELSA-2024-0157)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0157 advisory. 7.0.115-1.0.1 - Add support for Oracle Linux - Update to .NET SDK 7.0.115 and Runtime 7.0.15 Tenable has extracted the preceding description block...