Ethical Hackers Breach U.N., Access 100,000 Private Records

Security researchers successfully hacked the United Nations, accessing user credentials and personally identifiable information PII–including more than 100,000 private employee and project records—before informing the U.N. about the problem through the organization’s vulnerability disclosure...

Important: Red Hat Security Advisory: mariadb:10.3 security, bug fix, and enhancement update

An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Fedora: Security Advisory for mariadb (FEDORA-2020-ac2d47d89a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: mariadb-10.4.16-1.fc32

MariaDB is a community developed branch of MySQL - a multi-user, multi-thre aded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an...

Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

U.S. Dept Of Defense: System Error Reveals Sensitive SQL Call Data

Summary: If you attempt to login at https://███.mil/sso/LoginRequest.do using a very long username, the application will respond showing a stack trace information with sensitive SQL data call information. This reveals too much information about SQL calls to the database. Please see the attached P...

Fedora: Security Advisory for community-mysql (FEDORA-2020-77b95c868f)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Moderate: Red Hat Security Advisory: mariadb security and bug fix update

An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.21. Security Fixes: mysql: Server: Security: Privileges multiple...

[SECURITY] Fedora 32 Update: community-mysql-8.0.21-11.fc32

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

[SECURITY] Fedora 32 Update: sqlite-3.33.0-1.fc32

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Fedora: Security Advisory for sqlite (FEDORA-2020-d0f892b069)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Trend Micro™ Deep Security™ 20 is Here

Chuck Losh, Solutions Architect, takes us through the deployment of Trend Micro™ Deep Security™ 20 software in Microsoft® Azure® and runs through how to connect the database element to the Azure SQL Database...

[SECURITY] Fedora 32 Update: php-horde-kronolith-4.2.29-1.fc32

Kronolith is the Horde calendar application. It provides web-based calendars backed by a SQL database or a Kolab server. Supported features include Ajax and mobile interfaces, shared calendars, remote calendars, invitation management iCalendar/iTip, free/busy management, resource management,...

Security Bulletin: WML CE: TensorFlow: In SQLite before 3.32.3, select.c mishandles query-flattener optimization

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. TensorFlow in WML CE uses SQLite as its embedded SQL database engine. Vulnerability Details CVEID:...

[SECURITY] Fedora 32 Update: mariadb-10.4.13-1.fc32

MariaDB is a community developed branch of MySQL - a multi-user, multi-thre aded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an...

[SECURITY] Fedora 32 Update: sqlite-3.32.1-1.fc32

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Heybbs has a universal password login vulnerability

HEYBBS is a front-end based on bootstrap+jq+css,back-end php+mysql development of micro-community programs. Heybbs has a universal password login vulnerability that can be exploited by attackers to obtain sensitive database information...

[SECURITY] Fedora 30 Update: community-mysql-8.0.20-1.fc30

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...