802 matches found
Moderate: Red Hat Security Advisory: sqlite security update
An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
sqlite security update
An update is available for sqlite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SQLite is a C library that implements an SQL database engine. A large subset o...
Veeam Repair/Reinstall/Update fails with "The following SQL database patches are missed"
Error When Upgrading From 11a P20240304 to version 12.0.x, 12.1.0.x, or 12.1.1.x The error documented on this KB will occur if attempting to upgrade from Veeam Backup & Replication 11a P20240304 to any release of Veeam Backup & Replication v12 less than 12.1.2. As noted on the release page for...
Cloudquery - Transforms Your Cloud Infrastructure Into SQL Database For Easy Monitoring, Governance And Security
CloudQuery transforms your cloud infrastructure into queryable SQL for easy monitoring, governance and security. What is CloudQuery and why use it? CloudQuery pulls, normalize, expose and monitor your cloud infrastructure and SaaS apps as SQL database. This abstracts various scattered APIs enabli...
Gurock Testrail 7.2.0.3014 Improper Access Control
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...
RLSA-2021:3590 Moderate: mysql:8.0 security, bug fix, and enhancement update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.26. BZ1996693 Security Fixes: mysql: Server: Stored Procedure multiple...
SQLite Segmentation Error Vulnerability
SQLite is a self-sufficient, serverless, zero-configuration, transactional SQL database engine. idxGetTableInfo function in SQLite version 3.36.0 is vulnerable to a segmentation error. An attacker could exploit the vulnerability via a specially crafted SQL query to cause a denial of service...
CVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
Default credentials
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
CVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
CVE-2021-35193
CVE-2021-35193 affects Patterson Eaglesoft 18–21 via the Patterson Application Service. The vulnerability arises because the service accepts the same certificate authentication across different customer installations with the same software version, enabling remote access to SQL database credentia...
Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability
Summary A local file inclusion LFI vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Tested...
Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability
Summary Cross-site scripting vulnerabilities exist in the sshform.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide...
Code injection
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...
Code injection
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...
CVE-2021-31817
CVE-2021-31817 affects Octopus Server when configured with an external SQL database; during initial setup, the database password is written in plaintext to the OctopusServer.txt log. Impact is exposure of credentials via logs. Connected sources confirm the same description; no remediation steps o...
CVE-2021-31817
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...
CVE-2021-31816
CVE-2021-31816 affects Octopus Server when configured with an external SQL database. During initial configuration, the database password is written to the OctopusServer.txt log file in plaintext, exposing sensitive credentials. This is documented across multiple sources (NVD entry and vendor advi...
CVE-2021-31816
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...
[SECURITY] Fedora 32 Update: mariadb-10.4.19-1.fc32
MariaDB is a community developed branch of MySQL - a multi-user, multi-thre aded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an...