#sql

Red Hat Security Advisory 2021-4130-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

Pentaho Business Analytics and Pentaho Business Server versions 9.1 and below suffer from an authentication bypass vulnerability related to Spring APIs.

PHP Event Calendar Lite Edition suffers from a persistent cross site scripting vulnerability.

IBM Sterling B2B Integrator suffers from a cross site scripting vulnerability. Versions affected include 5.2.0.0 through 5.2.6.5_3, 6.0.0.0 through 6.0.3.4, and 6.1.0.0 through 6.1.0.2.

Backdoor.Win32.Ncx.b malware suffers from a code execution vulnerability.

ImportExportTools NG version 10.0.4 suffers from an html injection vulnerability.

Pentaho implements a series of web services using the SOAP protocol to allow scripting interaction with the backend server. While most of the interfaces correctly implement ACL, the Data Source Management Service located at /pentaho/webservices/datasourceMgmtService allows low-privilege authenticated users to list the connection details of all data sources used by Pentaho.

Red Hat Security Advisory 2021-4132-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

PHP Event Calendar Lite Edition suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Backdoor.Win32.Ncx.b malware suffers from a buffer overflow vulnerability.