32 matches found
EUVD-2016-3430
Malware in sbrugna...
EUVD-2020-6876
Malware in sbrugna...
EUVD-2023-26134
Malicious code in bioql PyPI...
CVE-2023-21969
Vulnerability in Oracle SQL Developer component: Installation. Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer...
CVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon to the...
Vulnerabilities fixed in Oracle Database products
Oracle has fixed vulnerabilities in several Database products and subsystems, including the Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer and Secure Backup. A malicious party can exploit the vulnerabilities to launch attacks that can lead to t...
Metasploit Weekly Wrap-Up
Apache MQ and Three Cisco Modules in a Trenchcoat This week’s release has a lot of new content and features modules targeting two major recent vulnerabilities that got a great deal of attention: CVE-2023-46604 targeting Apache MQ resulting in ransomware deployment and CVE-2023-20198 targeting Cis...
Windows Gather PL/SQL Developer Connection Credentials
This module can decrypt the histories and connection credentials of PL/SQL Developer, and passwords are available if the user chooses to remember. Module Options msf use post/windows/gather/credentials/plsqldeveloper msf postplsqldeveloper show actions ...actions... msf postplsqldeveloper set...
Exploit for Uncontrolled Resource Consumption in Ruoyi
CVE-2023-3163-SQL-Injection-Prevention A simple and quick way...
Oracle Patch Tuesday April 2023 Security Update Review
Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...
CVE-2023-21969
Vulnerability in Oracle SQL Developer component: Installation. Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer...
CVE-2023-21969
Vulnerability in Oracle SQL Developer component: Installation. Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer...
Buffer overflow
Vulnerability in Oracle SQL Developer component: Installation. Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer...
CVE-2023-21969
CVE-2023-21969 affects Oracle SQL Developer (Installation component) with versions prior to 23.1.0. The root cause is insufficient input validation in the Installation component, allowing a high-privileged user with local access to compromise the Oracle SQL Developer instance, potentially taking ...
PT-2023-2666 · Oracle · Oracle Sql Developer
Name of the Vulnerable Software and Affected Versions: Oracle SQL Developer versions prior to 23.1.0 Description: The issue is related to insufficient input validation in the Installation component of Oracle SQL Developer, allowing a high-privileged attacker with logon to the infrastructure where...
Vulnerability fixed in Oracle SQL developer
A vulnerability has been fixed in Oracle SQL Developer. The vulnerability allows an unauthenticated remote malicious person able to access and manipulate sensitive data. data to be manipulated. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |...
CVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon to the...
CVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon to the...
Code injection
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon to the...
CVE-2020-14740
CVE-2020-14740 affects Oracle Database Server’s SQL Developer Install component in versions 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. A low-privilege user with Client Computer User Account privileges and logon to the environment can trigger a vulnerability that requires user interaction and can lead ...