Code injection

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and...

CVE-2016-8355

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and...

CVE-2016-8355

The CVE-2016-8355 entry documents an elevation-of-privilege flaw in Smiths-Medical CADD-Solis Medication Safety Software (versions 1.0–3.1). An authenticated user can gain elevated privileges on the embedded SQL database, enabling modification of drug libraries, user management (add/delete users)...

Best Practices for deploying PVS in multi-geo environments

In scenarios where companies have a Global presence with multiple geographical locations, it is sometimes desirable to have a Provisioning Services Farm that spans multiple locations across the globe. PVS requires a constant andreliable connection to the SQL database. If there's a delay in...

CentOS 6 : mysql (CESA-2017:0184)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2017:0184 advisory. - Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17;...

Connection to Veeam Backup Enterprise Manager Fails After In-Place Upgrade From 2012(R2) to Server 2016/2019

Article Applicability This article documents an issue that is specifically related to in-place OS upgrades from Server 2012 and Server 2012 R2. Challenge After performing an in-place upgrade of the server hosting the Veeam Backup Enterprise Manager database from Server 2012 or 2012 R2 to Server...

PVS console showing target devices as down, even though it is possible to boot and stream to devices

PVS console showing target devices as down, even though it is possible boot and stream to devices.Event logged ID:11 Source: StreamProcess. DbAccess error: in ServerStatusSetContactInfo called from SSProtocolModule.cpp:2630. SQL DB server is up and accessible...

Oracle OPERA Multiple Vulnerabilities

Oracle OPERA is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Important: Red Hat Security Advisory: rh-mariadb100-mariadb security update

An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

jSQL Injection v0.77 - Java application for automatic SQL database injection

jSQL Injection is a lightweight application used to find database information from a distant server. It's is free , open source and cross-platform Windows, Linux, Mac OS X. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in distributions lik...

Important: Red Hat Security Advisory: mariadb55-mariadb security update

An update for mariadb55-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

Important: Red Hat Security Advisory: mariadb-galera security update

An update for mariadb-galera is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

[SECURITY] Fedora 23 Update: mariadb-10.0.27-1.fc23

MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...

Cisco Firepower Management Center SQL Injection Vulnerability

A vulnerability in the web framework of the Cisco Firepower Management Center could allow an authenticated, remote attacker to perform SQL injection on the affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

[SECURITY] Fedora 23 Update: openvas-manager-6.0.9-1.fc23

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 24 Update: openvas-manager-6.0.9-1.fc24

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 25 Update: openvas-manager-6.0.9-1.fc25

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

Dentsply Sirona CDR DICOM contains multiple hard-coded credentials

Overview The Dentsply Sirona previously known as Shick Technologies CDR DICOM is software for managing medical dental records. CDR DICOM contains several hard-coded credentials allowing administrative or root access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6530 Dentsply...

mariadb security update

CentOS Errata and Security Advisory CESA-2016:1602 An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...