The vulnerability of the integrity_check command in the PRAGMA implementation of the SQLite database management system allows a hacker to gain full control over the application.

The vulnerability of the integritycheck command in the PRAGMA implementation of the SQLite database management system is related to insufficient checks for unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the...

Vulnerabilities fixed in Oracle MySQL products

Oracle has fixed vulnerabilities in its MySQL products: - MySQL Server - MySQL Workbench - MySQL Enterprise Monitor - MySQL Cluster - MySQL Client - MySQL Connectors One of these vulnerabilities CVE-2019-5482 concerns an erng serious vulnerability in MySQL Server. This vulnerability allows an...

Security Bulletin: Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench affected by Netty vulnerabilities (CVE-2020-7238, CVE-2019-16869, CVE-2019-20445, CVE-2019-20444)

Summary Netty is vulnerable to security issues affecting the Rational Integration Tester HTTP/TCP Proxy component in Rational Test Virtualization Server and Rational Test Workbench Vulnerability Details CVEID: CVE-2020-7238 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a...

CVE-2019-6019

Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Design/Logic Flaw

Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2019-6019

STAMP Workbench installer is affected by an insecure DLL search path (CWE-427) in the Windows installer, enabling arbitrary code execution with the user’s privileges via a Trojan horse DLL loaded from an unspecified directory. The issue is specific to the installer component, not the STAMP Workbe...

CVE-2019-6019

Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Security Bulletin: IBM i Access for Windows affected by vulnerability CVE-2015-7416.

Summary IBM i Access for Windows is affected by vulnerability CVE-2015-7416. This vulnerability affects the Windows system running the IBM i Access for Windows product. Vulnerability Details CVEID: CVE-2015-7416 DESCRIPTION: IBM i Access for Windows AFP Workbench Viewer contains a vulnerability...

SAP NetWeaver Process Integration Information Disclosure Vulnerability (CNVD-2020-04285)

SAP NetWeaver Process Integration PI is an SAP enterprise application integration software from SAP, Germany, and is a component of the NetWeaver product group. The component is mainly used for the exchange of information between the internal system and the external. An information disclosure...

Cloudera Data Science Workbench Privilege Check Bypass Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. A security vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems from the system not properly restricting access to resources from unauthorized roles. An attacker can...

DLL Hijacking Vulnerability in Jingmai PC Client Software

Jingmai Workbench PC Version, Jingmai Workbench PC Version is a seller management tool for Jingdong Mall. Jingmai pc client software DLL hijacking vulnerability, an attacker can use the vulnerability in the client process to inject executable DLL file, to perform arbitrary functions...

STAMP Workbench installer may insecurely load Dynamic Link Libraries

Overview STAMP Workbench is a modeling tool for STAMP provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA. It is distirbuted as a ZIP archive or an Windows executable installer. The Windows executable installer contains an issue with the DLL search path, which may lead to insecurely...

STAMP Workbench Installer Code Issue Vulnerability

STAMP Workbench is a modeling tool that supports support for STAMP Systems Theory Accident Models and Processes/STPA Systems Theory Process Analysis. A code issue vulnerability exists in the STAMP Workbench installer that can be exploited by an attacker to cause unsafe loading of dynamic link...

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

Design/Logic Flaw

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

CVE-2018-20090

CVE-2018-20090 affects Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an access-control flaw that allows authenticated users to bypass project permission checks and gain read/write access to any project folder. Root cause: improper enforcement of project-level permissio...

CVE-2018-20090

An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...

JVN#19386781: STAMP Workbench installer may insecurely load Dynamic Link Libraries

STAMP Workbench is a modeling tool for STAMP provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA. It is distirbuted as a ZIP archive or an Windows executable installer. The Windows executable installer contains an issue with the DLL search path, which may lead to insecurely loading...

Rockwellautomation Connected Uncontrolled Search Path Element

A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench CCW. The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE, 9328-CCWDEVDEE, 9328-CCWDEVES...

SQLite CVE-2019-16168 Denial of Service Vulnerability

Description SQLite is prone to a denial of service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. SQLite 3.29.0 and prior versions are vulnerable. Technologies Affected Oracle Communications Design Studio 7.3.4.3.0 Oracle Communications Design Studio...