8 matches found
EUVD-2006-4024
Malware in sbrugna...
postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limit...
postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limit...
postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements
It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limit...
Oracle Database Server Remote Vulnerability (CNVD-2015-00470)
Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session, Create Table' privileges using the 'Oracle Net' protocol...
IBM DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities
According to its version, the installation of IBM DB2 9.5 running on the remote host is prior Fix Pack 7. It is, therefore, affected by the following vulnerabilities : - The 'db2dasrrm' component included with such versions fails to perform sufficient bounds checks on user- supplied input, which ...
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths
MySQL Team reports: Additional corrections were made for the symlink-related privilege problem originally addressed. The original fix did not correctly handle the data directory pathname if it contained symlinked directories in its path, and the check was made only at table-creation time, not at...
CVE-2003-0780
Buffer overflow in getsaltfrompassword from sqlacl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field...