security vulnerability database


Bash Vulnerability Security Hardening

Bash Vulnerability Hardening Scheme. 1. Vulnerability Description: While doing security hardening some time ago, a BVS scan of the host reported two Bash vulnerabilities: ① GNU Bash environment variable remote command execution vulnerability (CVE-2014-6271). The GNU Bash 4.3 and previous versions hav

View database security from the instance of security Attack (iii) Analysis of database attack principle

Tags: An Huaqin and database security, data leakage prevention. Abstract: This article will analyze the technology of SQL injection attack and the principle of database encryption technology and the protection effect, in order to discriminate database security technology misund

Perl Safe.pm module Security Restriction Bypass Vulnerability

Release date: Updated on: Affected Systems: Ubuntu 8.04 LTS, Ubuntu 6.06 LTS, Ubuntu 11.04, Ubuntu 10.04 LTS, Ubuntu 10.10. Description: CVE ID: CVE-2010-1168, CVE-2010-1447. Perl is a free and powerful programming language. It is used for Web programming, database processing, XML processing, and system management. The Safe.pm Perl module processes the Safe::reval and Safe::rdo acce

Cisco Email Security Appliance Denial of Service Vulnerability (CVE-2015-6309)

Release date: Updated on: Affected Systems: Cisco Email Security Appliance 9.6.0-042; Cisco Email

FireFTP Firefox extended double quotation mark Security Bypass Vulnerability

FireFTP Firefox extended double quotation mark Security Bypass Vulnerability, the method is very simple. Bugtraq ID: 36536. CNCAN ID: CNCAN-2009093003. Vulnerability cause: input verification error. Affected system: FireFTP 1.0.5. Unaffected system: FireFTP 1.0.6. Hazards: Remote attackers can exploit this vulnerability

Seed Information Security Experiment Series: Buffer Overflow Vulnerability experiment

the command "sudo sysctl -w kernel.randomize_va_space=2" to turn on the system's address space randomization mechanism, then run the exploit program repeatedly against the stack program to see whether the attack succeeds and can gain root privileges. 3. Switch /bin/sh to /bin/bash (or /bin/dash) and observe whether the attack succeeds and can gain root privileges. Please complete the above practice in the lab building environment. License: The experiments involved in this course are from Syracuse SEED Labs, and on this bas

Linux and Security experiment One: Buffer Overflow vulnerability experiment

Linux and Security experiment One: Buffer overflow vulnerability experiment. 20125107 Nie Ai. Experimental description: A buffer overflow is a situation in which a program attempts to write data beyond a pre-allocated fixed-length buffer. This can have some serious consequences. Buffer overflow attack: by writing content to the program's buffer that exceeds its length, causing a buffer overflow, thereby destroyi

Apache Tomcat Security Bypass Vulnerability (CVE-2018-1305)

Release date: Updated on: Affected Systems: Apache Group Tomcat 9.0.0.M1-9.0.4, Apache Group Tomcat 8.5.0-8.5.27, Apache Group Tomcat 8.0.0.RC1-8.0.49, Apache Group Tomcat 7.0.0-7.0.84. Description: Bugtraq id

Bluebox Security reports how Android bypasses the application signature Authentication Vulnerability

I. Vulnerability description: Security company Bluebox Security recently claimed that they have discovered vulnerabilities that may affect 99% of devices in the Android system. According to this statement, this vulnerability has existed since Android 1.6 (Donut). Malware makers can use it to modify the APK code without cracking the encrypted signature, attackers can by

XML Entity injection vulnerability Security Warning

Vulnerability Description: Extensible Markup Language (XML) is a markup language used to mark up electronic files so that they are structured. It can be used to mark data and define data types, and is a source language that allows you to define your own markup language. XML is a subset of the Standard Generalized Markup Language (SGML) and is suitable for Web transmission. XML provides a unified way to describe and exchange structured data independent of applic

PostgreSQL 'security definer' and 'set' attributes Remote Denial of Service Vulnerability

Release date: Updated on: 2012-06-06. Affected Systems: PostgreSQL 9.x, PostgreSQL 8.x. Unaffected system: PostgreSQL 9.1.4, PostgreSQL 9.0.8, PostgreSQL 8.4.12, PostgreSQL 8.3.19. Description: Bugtraq id: 53812. CVE ID: CVE-2012-2655. PostgreSQL is an advance

SQL injection vulnerability in tongjin cube of financial stocks (affecting the security of stock information leakage)

Detailed description: Client.mfniu.com was found to have a SQL injection vulnerability in an earlier version of the phpcms v9 system that had not been updated to the latest version. In addition, it was found that the master site was exposed to inform

Improper handling of Oracle MySQL/MariaDB password SALT value Security Restriction Bypass Vulnerability

Release date: 2012-6 6. Updated on: 2012-12-09. Affected Systems: Oracle MySQL, Oracle MariaDB. Description: Bugtraq id: 56837. CVE (CAN) ID: CVE-2012-5627. Oracle MySQL Server is a small relational database management system. MariaDB is a MySQL branch version using the Maria storage engine and is a free open-source database server. MySQL/M

CGI security vulnerability Data Quick Check v1.0 (Turn one)

cgi | Security | Security vulnerabilities. CGI security vulnerability data Quick Check v1.0. Date: 2000-8-15. This article is taken from a friend. This is not a precious thing, if you usually pay attention to collect words, I believe many peop

"Serial" View database security from the instance of security Attack (ii) Analysis of security attack methods

connection request is sent to a port that, if it is the listening port of an Oracle server, will inevitably return a reject message and redirect message. As soon as one of the above two messages is received, the port is the listening port for the Oracle service. There is other software as well: Nmap, for example, finds that TCP port 80 is open on the Web server and UDP port 53 is open on the DNS server, while also discovering the packet filtering firewall, with the Nessus software used to scan and analyze system vulnerabil

Cisco Web Security Appliance Denial of Service Vulnerability (CVE-2015-6386)

Release date: Updated on: Affected Systems: Cisco Web Security Appliance 8.5.1-021; Cisco Web

Vulnerability overflow 360 security guard Reverse Analysis

Note: The test environment in this article is 360 security guard 9.0. The latest security guard version has fixed this vulnerability. Symptom: After running a Trojan, you can disable the 360 security guard. After reverse analysis, it is found that the trojan simply runs the following code: /* Hmodule h360 = getmodulehan

IBM Security AppScan Source Local Privilege Escalation Vulnerability (CVE-2014-3072)

Release date: Updated on: Affected Systems: IBM Security AppScan Source 9.0, IBM Security AppScan Source 8.8, IBM Security AppScan Source 8.7, IBM Security

Siemens COMOS Security Restriction Bypass Vulnerability with unknown details

Release date: Updated on: Affected Systems: Siemens COMOS. Description: Bugtraq id: 54978. CVE ID: CVE-2012-3009. Siemens COMOS is a world-leading software solution provider in the integrated lifecycle engineering field. Siemens COMOS has a security restriction bypass vulnerability with unknown details. Attackers can exploit this

Oracle MySQL SSL certificate verification Security Restriction Bypass Vulnerability (CVE-2015-3152)

Release date: Updated on: Affected Systems: Oracle MySQL Server. Description: Bugtraq id: 74398. CVE (CAN) ID: CVE-2015
