Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Red Hat Security Advisory 2024-1686-03

Red Hat Security Advisory 2024-1686-03 - A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include an information leakage vulnerability.

Packet Storm
#sql#vulnerability#red_hat#js#ibm#postgres
Reconsider Your CNAPP Strategy Using These 5 Scenarios

Cloud-native application protection platforms (CNAPPs) sidestep siloed security and embed security into the earliest stages of application development.

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

A researcher received a $5,500 bug bounty for discovering a vulnerability (CVE-2024-2879) in LayerSlider, a plug-in with more than a million active installations.

User Registration And Login And User Management System 3.2 SQL Injection

User Registration and Login and User Management System version 3.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Red Hat Security Advisory 2024-1662-03

Red Hat Security Advisory 2024-1662-03 - An update is now available for Red Hat build of Quarkus. Issues addressed include denial of service, information leakage, and memory leak vulnerabilities.

Red Hat Security Advisory 2024-1649-03

Red Hat Security Advisory 2024-1649-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

How to Tame SQL Injection

As part of its Secure by Design initiative, CISA urged companies to redouble efforts to quash SQL injection vulnerabilities. Here's how.

Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0. The issue has been addressed in version

Computer Laboratory Management System 1.0 Cross Site Scripting

Computer Laboratory Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Computer Laboratory Management System 1.0 Insecure Direct Object Reference

Computer Laboratory Management System version 1.0 suffers from an insecure direct object reference vulnerability.