Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database security vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-20211
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote malicious user to conduct SQL injection attacks on ...
Cisco Unified Communications Manager 14.0
Cisco Unified Communications Manager
8.8
CVSSv3
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
4.3
CVSSv3
CVE-2023-39418
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Debian Debian Linux 12.0
7.8
CVSSv3
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local malicious user to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. A...
Cisco Broadworks Application Server
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Network Server
Cisco Broadworks Profile Server
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Troubleshooting Server
Cisco Broadworks Network Function Manager
Cisco Broadworks Network Database Server
Cisco Broadworks Execution Server
Cisco Broadworks Database Server
Cisco Broadworks Service Control Function Server
Cisco Broadworks Media Server
8.8
CVSSv3
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua sc...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
6
CVSSv3
CVE-2023-20210
A vulnerability in Cisco BroadWorks could allow an authenticated, local malicious user to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability...
Cisco Broadworks Application Delivery Platform Firmware 23.0
Cisco Broadworks Application Delivery Platform Firmware 24.0
Cisco Broadworks Application Delivery Platform Firmware 25.0
Cisco Broadworks Application Server Firmware 23.0
Cisco Broadworks Application Server Firmware 24.0
Cisco Broadworks Application Server Firmware 25.0
Cisco Broadworks Database Server Firmware 23.0
Cisco Broadworks Database Server Firmware 24.0
Cisco Broadworks Database Server Firmware 25.0
Cisco Broadworks Database Troubleshooting Server Firmware 23.0
Cisco Broadworks Database Troubleshooting Server Firmware 24.0
Cisco Broadworks Database Troubleshooting Server Firmware 25.0
Cisco Broadworks Execution Server Firmware 23.0
Cisco Broadworks Execution Server Firmware 24.0
Cisco Broadworks Execution Server Firmware 25.0
Cisco Broadworks Media Server Firmware 23.0
Cisco Broadworks Media Server Firmware 24.0
Cisco Broadworks Media Server Firmware 25.0
Cisco Broadworks Messaging Server Firmware 23.0
Cisco Broadworks Messaging Server Firmware 24.0
Cisco Broadworks Messaging Server Firmware 25.0
Cisco Broadworks Network Database Server Firmware 23.0
8.8
CVSSv3
CVE-2023-36824
Redis is an in-memory database that persists on disk. In Redit 7.0 before 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code executio...
Redis Redis
Fedoraproject Fedora 37
Fedoraproject Fedora 38
5.5
CVSSv3
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
Libreoffice Libreoffice 7.5.0
Libreoffice Libreoffice
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.3
CVSSv3
CVE-2023-35930
SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user making a negative authorization decision based on the results of a `LookupResources` request with 1.22.0 is affected. For example, us...
Authzed Spicedb 1.22.0
7.5
CVSSv3
CVE-2023-2828
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the con...
Isc Bind
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Active Iq Unified Manager -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »