
802 matches found

RedhatCVE
added 2025/05/22 7:43 p.m. | 7 views

CVE-2021-31816

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext...

CVSS 7.5 | AI score 7.7 | EPSS 0.00156
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 7:25 p.m. | 8 views

CVE-2021-25232

An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database...

CVSS 5.3 | AI score 7.2 | EPSS 0.0038
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 10:2 a.m. | 3 views

CVE-2019-17503

An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...

CVSS 5.3 | AI score 7 | EPSS 0.9022
Exploits: 5 | References: 1
RedhatCVE
added 2025/05/22 6:10 a.m. | 1 views

CVE-2016-10768

cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades SEC-161...

CVSS 6.5 | AI score 6.8 | EPSS 0.00273
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/21 9:30 p.m. | 5 views

CVE-2006-6974

Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) list files in the includes/ directory; obtain the SQL username and password via a direct request for (2) config.php and (3) config.php.bak in includes/; rea...

CVSS 7.5 | AI score 7.5 | EPSS 0.009
Exploits: 1 | References: 1
Veeam
added 2025/05/19 12:0 a.m. | 12 views

How to register Veeam Data Cloud Vault in Veeam Backup for Microsoft Azure

Article Applicability: This article is specifically for Veeam Backup for Microsoft Azure v8. With the release of Veeam Backup for Microsoft Azure v8.1, the process for adding Veeam Data Cloud Vault as a repository has been fully integrated. Purpose: This article documents the procedure for registeri...

AI score 7.3
Exploits: 0 | Affected Software: 2
RedHat Linux
added 2025/05/13 5:18 p.m. | 13 views

Important: Red Hat Security Advisory: sqlite security update

An update for sqlite is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 9.8 | AI score 7.2 | EPSS 0.00107
Exploits: 0 | References: 2
OSV
added 2025/05/07 7:13 p.m. | 2 views

RLSA-2024:0465 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

CVSS 7.3 | AI score 8.7 | EPSS 0.00133
Exploits: 1 | References: 2
OSV
added 2025/05/07 7:11 p.m. | 6 views

RLSA-2024:0894 Moderate: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023...

CVSS 7.5 | AI score 6.2 | EPSS 0.06984
Exploits: 0 | References: 76
Fedora
added 2025/04/17 7:33 p.m. | 5 views

[SECURITY] Fedora 40 Update: mysql8.0-8.0.41-1.fc40

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

AI score 7.9
Exploits: 0
RedhatCVE
added 2025/04/14 2:3 p.m. | 31 views

CVE-2024-47822

Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. The access token in req.query is not redacted when the LOGSTYLE is set to raw. If these logs are no...

CVSS 4.2 | AI score 7.8 | EPSS 0.00123
Exploits: 1 | References: 1
Fedora
added 2025/04/09 1:53 a.m. | 11 views

[SECURITY] Fedora 41 Update: mariadb10.11-10.11.11-1.fc41

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

CVSS 4.9 | AI score 7.5 | EPSS 0.00445
Exploits: 0
RedhatCVE
added 2025/03/28 6:10 p.m. | 8 views

CVE-2025-30352

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the search query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the...

CVSS 5.3 | AI score 7.8 | EPSS 0.00144
Exploits: 0 | References: 1
NVD
added 2025/03/26 6:15 p.m. | 8 views

CVE-2025-30352

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the search query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the...

CVSS 5.3 | EPSS 0.00144
Exploits: 0 | References: 2
CVE
added 2025/03/26 5:26 p.m. | 92 views

CVE-2025-30353

Directus vulnerability (CVE-2025-30353): In Directus, flows using the Webhook trigger with the Data of Last Operation response can disclose sensitive data when a ValidationError occurs. Affected versions are 9.12.0 up to, but not including, 11.5.0. The exposure includes environment variables, API...

CVSS 8.6 | AI score 7.6 | EPSS 0.00357
Exploits: 1 | References: 1 | Affected Software: 1
OSV
added 2025/03/26 5:18 p.m. | 6 views

CVE-2025-30352 Directus `search` query parameter allows enumeration of non permitted fields

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the search query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the...

CVSS 5.3 | AI score 7 | EPSS 0.00144
Exploits: 0 | References: 4
OSV
added 2025/03/17 8:16 p.m. | 11 views

RLSA-2025:0912 Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

CVSS 4.9 | AI score 5.7 | EPSS 0.00287
Exploits: 0 | References: 2
vulnersOsv
added 2025/03/13 6:57 p.m. | 1 views

be.ugent.idlab.knows:dataio (>=2.0.0 <=2.1.4), com.asemicanalytics:asemic-sql (>=1.0 <=1.13) +162 more potentially affected by CVE-2025-27496 via net.snowflake:snowflake-jdbc (>=3.10.2 <=3.23.0)

net.snowflake:snowflake-jdbc MAVEN version =3.10.2, =2.0.0, =1.0, =1.14, =1.1, =1.1.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.3.0, =8.2.0-alpha.1, =0.1.0, =1.0.5-rc5 and more Source cves: CVE-2025-27496 Source advisory: OSV:GHSA-Q298-375F-5Q63...

CVSS 3.3 | AI score 5.8 | EPSS 0.00114
Exploits: 0
Cvelist
added 2025/03/13 4:33 p.m. | 8 views

CVE-2025-2265 Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

CVSS 7.8 | EPSS 0.00064
Exploits: 0 | References: 1
RedHat Linux
added 2025/02/24 1:31 p.m. | 7 views

Important: Red Hat Security Advisory: mysql security update

An update for mysql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5 | AI score 7.2 | EPSS 0.00163
Exploits: 0 | References: 2