[SECURITY] Fedora 28 Update: sqlite-3.22.0-4.fc28

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

[SECURITY] Fedora 28 Update: mariadb-10.2.13-2.fc28

MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...

shashankgusai.weebly.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-593768 Description| Value ---|--- Affected Website:| shashankgusai.weebly.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

[SECURITY] Fedora 26 Update: sqlite-3.20.1-2.fc26

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Moderate: Red Hat Security Advisory: rh-mariadb101-mariadb and rh-mariadb101-galera security and bug fix update

An update for rh-mariadb101-mariadb and rh-mariadb101-galera is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor

CANCUN, Mexico – Researchers at NCC Group have discovered multiple backdoors on a UK government contractor’s computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15, which researchers said is utilizing many new tools ...

MySQL: Multiple vulnerabilities

Background A fast, multi-threaded, multi-user SQL database server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the referenced CVE identifiers for details. Impact A remote attacker could execute arbitrary code without authentication or cause a partial denial o...

USN-3564-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly handled certain temp files. An attacker could possibly use this to access sensitive information...

Moderate: Red Hat Security Advisory: rh-mariadb100-mariadb security update

An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ManageEngine EventLog Analyzer - Multiple Vulnerabilities (2)

Exploit for multiple platform in category web applications Multiple vulnerabilities in ManageEngine EventLog Analyzer Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Disclosure: 05/11/2014 / Last...

ACE - Automated, Collection, and Enrichment Platform

The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...

The Automated Collection and Enrichment Platform: ACE

The Automated Collection and Enrichment ACE platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports...

RegistrationMagic Plugin for WordPress < 3.7.9.3 PHP Object Injection

According to its self-reported version, the RegistrationMagic Plugin for WordPress running on the remote web server is prior to 3.7.9.3. It is, therefore, affected by a PHP object injection vulnerability. An unauthenticated, remote attacker can exploit this to inject PHP objects, execute arbitrar...

mysql: Server: Memcached unspecified vulnerability (CPU Oct 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Memcached. Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

[SECURITY] Fedora 26 Update: community-mysql-5.7.20-1.fc26

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

Cisco Prime Collaboration Provisioning Authenticated SQL Injection Vulnerability

A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries. The attacker could re...

How to Backup The Veeam ONE SQL Database

Purpose This article documents methods to back up the Veeam ONE SQL database. This is useful when you have to do a backup before an upgrade or if you have been asked to provide a backup of Veeam ONE database to Veeam Support for further in-depth analysis. Solution Identify the Location of the Vee...

FreeBSD : sugarcrm -- multiple vulnerabilities (3b776502-f601-44e0-87cd-b63f1b9ae42a)

sugarcrm developers report : An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection...

WEM SQL Database is growing to over 20 GB

WEM SQL Database is growing to over 20 GB ---...

Sql injection

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as demonstrated by a...