Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-39954
user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, an attacker that obtained at least read access to a snapshot of the database can impersonate the Nextcloud server towards linked se...
Nextcloud User Oidc
NA
CVE-2023-27411
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote malicious users to execute arbitrary SQL queries on the server database and escalate privileges.
Siemens Ruggedcom Crossbow
NA
CVE-2023-37372
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote malicious users to execute arbitrary SQL queries on the server database.
Siemens Ruggedcom Crossbow
NA
CVE-2023-37470
Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one's Metabase server. The core iss...
Metabase Metabase
NA
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local malicious user to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. A...
Cisco Broadworks Application Server
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Network Server
Cisco Broadworks Profile Server
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Troubleshooting Server
Cisco Broadworks Network Function Manager
Cisco Broadworks Network Database Server
Cisco Broadworks Execution Server
Cisco Broadworks Database Server
Cisco Broadworks Service Control Function Server
Cisco Broadworks Media Server
NA
CVE-2022-46902
An issue exists in Vocera Report Server and Voice Server 5.x up to and including 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL im...
Vocera Voice Server
Vocera Report Server
NA
CVE-2022-46898
An issue exists in Vocera Report Server and Voice Server 5.x up to and including 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive ...
Vocera Voice Server
Vocera Report Server
NA
CVE-2022-46901
An issue exists in Vocera Report Server and Voice Server 5.x up to and including 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database...
Vocera Voice Server
Vocera Report Server
NA
CVE-2023-27877
IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905.
Ibm Cloud Pak For Data 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »