what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

CVE-2020-25638

Status Candidate

Overview

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

Related Files

Red Hat Security Advisory 2020-5388-01
Posted Jan 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support for Spring Boot 2.2.10, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-11996, CVE-2020-25638
MD5 | b3bdc25df3f101e501f013f1465ac1d3
Red Hat Security Advisory 2020-5361-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5361-01 - This release of Red Hat build of Thorntail 2.7.2 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include XML injection, bypass, denial of service, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-14299, CVE-2020-14338, CVE-2020-14340, CVE-2020-25638, CVE-2020-25649
MD5 | 18127811ab5157ce8edc1fde98458362
Red Hat Security Advisory 2020-5533-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5533-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.4 serves as a replacement for Red Hat Single Sign-On 7.4.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2020-10695, CVE-2020-13822, CVE-2020-25638, CVE-2020-25649, CVE-2020-27826
MD5 | 670eb1fe56304679a7ace1ab4d8fa0ea
Red Hat Security Advisory 2020-5342-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5342-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | f3da3a857cd5d1a25083fe1074923453
Red Hat Security Advisory 2020-5341-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5341-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | 2f32d3532759da33ac105fbb5d9559db
Red Hat Security Advisory 2020-5340-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5340-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | fd5f47be3b183253dfdf3ec7a25d546f
Red Hat Security Advisory 2020-5344-01
Posted Dec 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5344-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include XML injection, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, java, remote, vulnerability, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2020-25638, CVE-2020-25644, CVE-2020-25649
MD5 | 94085eef489b46d47ad00938de334025
Red Hat Security Advisory 2020-5302-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5302-01 - This release of Red Hat build of Quarkus 1.7.5 SP1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 530ae33c260b949f7141641955a37664
Red Hat Security Advisory 2020-5254-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5254-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, remote, web, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 0ef821bdbfc1a427665366f9f418b4a3
Red Hat Security Advisory 2020-5175-01
Posted Nov 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5175-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 03836c1adb86dcbbd973c50adde4b91e
Red Hat Security Advisory 2020-5174-01
Posted Nov 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5174-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a remote SQL injection vulnerability.

tags | advisory, java, remote, sql injection
systems | linux, redhat
advisories | CVE-2020-25638
MD5 | 63e165c7fabd40e538c328aef56ed1c5
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    12 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close