CVE-2023-31614
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
UBUNTU-CVE-2023-31614
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
Design/Logic Flaw
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
JerryScript Buffer Error Vulnerability
JerryScript is a lightweight JavaScript engine from the JerryScript project. A security vulnerability exists in JerryScript version 3.0.0 1a2c047: the component parser_parse_function_statement in /jerry-core/parser/js/js-parser-statm.c contains a heap buffer overflow...
CVE-2023-31910
Removed by vendor...
postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatement.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected...
ALSA-2023:2378 Moderate: postgresql-jdbc security update
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fixes: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file...
EulerOS Virtualization 3.0.2.0 : mariadb (EulerOS-SA-2023-1704)
According to the versions of the mariadb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. (CVE-2021-46657) -...
CVE-2023-30455
An issue was discovered in ebankIT before 7. A Denial-of-Service attack is possible through the GET parameter EStatementsIds located on the /Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx endpoint. The GET parameter accepts over 100 comma-separated e-statement IDs without...
ebankIT Security Vulnerability
ebankIT is a banking software from ebankIT Portugal. A security vulnerability exists in versions prior to ebankIT 7. The vulnerability stems from an attacker sending a request with more than 100 statement IDs, which could overload the server for all users and cause a denial of service...
PT-2023-22702 · Ebankit · Ebankit
Name of the Vulnerable Software and Affected Versions: ebankIT versions prior to 7. Description: An issue allows a Denial-of-Service attack through the EStatementsIds GET parameter located on the "/Controls/Generic/EBMK/Handlers/EStatements/DownloadEStatement.ashx" endpoint. This parameter accepts...
SQL Injection in Admin Search Find API
Impact: SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...
CVE-2023-26930
Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”...
CVE-2022-43441
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability...
DEBIAN-CVE-2022-43441
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability...