40 matches found
SUSE-SU-2022:0212-1 Security update for log4j
This update for log4j fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. bsc1194844 - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. bsc1194843 - CVE-2022-23302: Fix remote code...
OPENSUSE-SU-2021:0787-1 Security update for cacti, cacti-spine
This update for cacti, cacti-spine fixes the following issues: cacti-spine was updated to 1.2.17: Avoid triggering DDos detection in firewalls on large systems Use mysql reconnect option properly Fix possible creashes in various operations Fix remote data collectors pushing too much data to main...
MGASA-2020-0150 Updated phpmyadmin packages fix security vulnerability
Some SQL injections via table names and parameters were fixed...
OPENSUSE-SU-2020:0427-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password boo1167335 PMASA-2020-2. - CVE-2020-10802: Fixed an SQL injection in the search...
OPENSUSE-SU-2020:0405-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password boo1167335 PMASA-2020-2. - CVE-2020-10802: Fixed an SQL injection in the search...
OPENSUSE-SU-2019:2599-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.2: CVE-2019-18622: SQL injection in Designer feature boo1157614 Fixes for 'Failed to set session cookie' error Advisor with MySQL 8.0.3 and newer Fix PHP deprecation errors Fix a situation where exporting users...
SUSE-SU-2019:2335-1 Security update for python-Django1
This update for python-Django1 to version 1.11.23 fixes the following issues: - CVE-2019-14232: Fixed a denial of service in 'django.utils.text.Truncator' bsc1142880. - CVE-2019-14233: Fixed a denial of service in striptags bsc1142882. - CVE-2019-14234: Fixed an SQL injection in key and index...
OPENSUSE-SU-2019:2078-1 Security update for python-SQLAlchemy
This update for python-SQLAlchemy fixes the following issues: Security issues fixed: - CVE-2019-7164: Fixed SQL Injection via the orderby parameter bsc1124593. - CVE-2019-7548: Fixed SQL Injection via the groupby parameter bsc1124593. This update was imported from the SUSE:SLE-15:Update update...
SUSE-SU-2019:2261-1 Security update for python-SQLAlchemy
This update for python-SQLAlchemy fixes the following issues: Security issues fixed: - CVE-2019-7164: Fixed SQL Injection via the orderby parameter bsc1124593. - CVE-2019-7548: Fixed SQL Injection via the groupby parameter bsc1124593...
Security update for slurm (important)
openSUSE Security Update: Security update for slurm Announcement ID: openSUSE-SU-2019:2052-1 Rating: important References: 1140709 Cross-References: CVE-2019-12838 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for slurm to...
OPENSUSE-SU-2019:2039-1 Security update for python-SQLAlchemy
This update for python-SQLAlchemy fixes the following issues: Security issues fixed: - CVE-2019-7164: Fixed SQL Injection via the orderby parameter bsc1124593. - CVE-2019-7548: Fixed SQL Injection via the groupby parameter bsc1124593. This update was imported from the SUSE:SLE-15:Update update...
OPENSUSE-SU-2019:1861-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.0.1: Several issues with SYSTEM VERSIONING tables Fixed json encode error in export Fixed JavaScript events not activating on input sql bookmark issue Show Designer combo boxes when adding a constraint Fix edit...
OPENSUSE-SU-2019:1839-1 Security update for python-Django
This update for python-Django fixes the following issues: Security issues fixed: - CVE-2019-11358: Fixed prototype pollution. - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget bsc1136468 - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS bsc1139945. -...
OPENSUSE-SU-2019:0194-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.8.5 fixes the following issues: Security issues fixed: - CVE-2019-6799: Fixed an arbitrary file read vulnerability boo1123272 - CVE-2019-6798: Fixed a SQL injection in the designer interface boo1123271 Other changes: Fix rxport to SQL format not available F...
Quiz Deluxe,3.7.4,SQL Injection
Quiz Deluxe by joomplace, 3.7.4, SQL Injection resolution: update to 3.7.5 update notice: https://www.joomplace.com/blog/secure-your-quiz.html...
AppointmentBookingPro,4.0.1,SQL Injection
AppointmentBookingPro, 4.0.1, SQL Injection Resolution: update to 4.0.2 RC2 Update notice: https://appointmentbookingpro.com/support2/an2/17169-joomla-vel.html...
TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390
Information -------------------- Advisory by Netsparker. Name: SQL Injection Vulnerability in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type : SQL Injection Severity : Critical Status : Fixed...
AdaptCMS 2.0.4 - config.php?question SQL Injection
AdaptCMS 2.0.4 - config.php?question SQL Injection Exploit Title: AdaptCMS = 2.0.4 SQL Injection vulnerability Date: 26/10/2012 Exploit Author: Kallimero Vendor Homepage: http://www.adaptcms.com/ Software Link: http://www.insanevisions.com/page/3/Downloads/ Version: 2.0.4 Tested on: Debian...
phpAcounts v. 0. 5. 3 SQL injection and fix-vulnerability warning-the black bar safety net
Author: loneferret Affected version: 0.5.3 Developer address: http://phpaccounts.com/ Test platform: Ubuntu Server 11.10 Old app, still fun. Auth. Bypass: http://www.xxx.com /phpaccounts/index.php Username: x' or '1'='1' Password: whatever Upload php shell in preferences Letterhead image upload...
Fedora 14 : cacti-0.8.7h-1.fc14 (2011-15110)
Update to latest upstream release. Fixes SQL injection and XSS. Upstream re= lease notes are at http://www.cacti.net/releasenotes087h.php ---------------------------------------------------------------------- -----= Note that Tenable Network Security has extracted the preceding description block...