34 matches found
EUVD-2018-14224
Malware in sbrugna...
EUVD-2015-7890
Malware in sbrugna...
EUVD-2016-7078
Malware in sbrugna...
EUVD-2023-55148
Malicious code in bioql PyPI...
CVE-2003-0943
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm)...
CVE-2023-50347
HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom SQL queries. A malicious user can run arbitrary SQL commands including changing system configuration...
CVE-2023-50347 Insecure SQL Interface affects HCL DRYiCE MyXalytics
HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom SQL queries. A malicious user can run arbitrary SQL commands including changing system configuration...
CVE-2023-50347
CVE-2023-50347: The vulnerability affects HCL DRYiCE MyXalytics, described as an insecure SQL interface that could allow an attacker to execute arbitrary SQL, including changing system configuration. Multiple sources (NVD/NVD-derived records and third-party advisories) corroborate the issue but ...
PT-2024-13917 · Hcl · Hcl Dryice Myxalytics
Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics (affected versions not specified). Description: The issue is related to an insecure SQL interface, which could allow an attacker to execute custom SQL queries, including modifying system configurations. A malicious user can...
PT-2023-8878 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11. Description: The issue is related to a stack overflow in the openlink virtuoso-opensource platform, which can be exploited by attackers to cause a Denial of Service (DoS) via crafted SQL statements...
PT-2023-17292
Name of the Vulnerable Software and Affected Versions: Eskom Water Metering Software versions prior to 23.04.06. Description: The issue is related to an SQL Injection vulnerability, which allows for Command Line Execution through SQL Injection. This is due to the improper neutralization of special...
Mail.ru: sql
SQL interface for web analytics was available at terrhq.ru subdomain...
Security Bulletin: Tivoli Storage Manager (IBM Spectrum Protect) SQL interface vulnerable to unauthorized access (CVE-2016-8940)
Summary: Tivoli Storage Manager (IBM Spectrum Protect) SQL interface is vulnerable to unauthorized access to user credentials and product sensitive information. Vulnerability Details: CVEID: CVE-2016-8940. DESCRIPTION: IBM Tivoli Storage Manager (IBM Spectrum Protect) does not perform sufficient authori...
Authentication flaw
Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attack...
CVE-2018-2369
CVE-2018-2369 affects SAP HANA versions 1.00 and 2.00. The issue allows an unauthenticated attacker to misuse the SAP HANA SQL server authentication function to disclose 8 bytes of the server process memory. The attacker cannot influence or predict the leaked memory location. Details confirm a me...
HANA server memory disclosure
Application: SAP NetWeaver; Versions Affected: SAP HANA 1.0, 2.0 all versions; Vendor URL: SAP; Bugs: Information Disclosure; Reported: 05.10.2017; Vendor response: 06.10.2017; Date of Public Advisory: 13.02.2018; Reference: SAP Security Note 2572940; Author: Mathieu Geli (ERPScan); VULNERABILITY INFORMATIO...
SAP HANA User Enumeration Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, so users can directly query and analyze large amounts of real-time business data. A user enumeration vulnerability exists in the SQL interface in SAP HANA. A remote attacker could...
CVE-2016-6145
The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailed_error_on_connect option is not supported or is configured as "False," which allows remote attackers to enumerat...