Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Debian Security Advisory 5746-1

Debian Linux Security Advisory 5746-1 - Noah Misch discovered a race condition in the pg_dump tool included in PostgreSQL, which may result in privilege escalation.

Packet Storm
#sql#linux#debian#js#postgres
Debian Security Advisory 5745-1

Debian Linux Security Advisory 5745-1 - Noah Misch discovered a race condition in the pg_dump tool included in PostgreSQL, which may result in privilege escalation.

Gentoo Linux Security Advisory 202408-15

Gentoo Linux Security Advisory 202408-15 - Multiple vulnerabilities have been discovered in Percona XtraBackup, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 8.0.29.22 are affected.

Farmacia Gama 1.0 File Inclusion

Farmacia Gama version 1.0 suffers from a file inclusion vulnerability.

GHSA-p6w9-r443-r752: Shopware vulnerable to blind SQL-injection in DAL aggregations

### Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this “aggregations” object is vulnerable SQL-injection and can be exploited using SQL parameters. ### Patches Update to Shopware 6.6.5.1 or 6.5.8.13 ### Workarounds For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. ### Credit [LogicalTrust](https://logicaltrust.net)

GHSA-pv4p-cwwg-4rph: Django SQL injection vulnerability

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.

WordPress PayPlus Payment Gateway SQL Injection

WordPress PayPlus Payment Gateway plugin versions prior to 6.6.9 suffer from a remote SQL injection vulnerability.

Red Hat Security Advisory 2024-5056-03

Red Hat Security Advisory 2024-5056-03 - Red Hat Integration Camel K 1.10.7 release and security update is now available.

eduAuthorities 1.0 SQL Injection

eduAuthorities version 1.0 suffers from a remote SQL injection vulnerability.