Subscribe RSSProphecy has released a wave of 78 security updates for its software products all at once, including fixes for a number of vulnerabilities—in products including Authority Database Server, Solaris, Fusion Middleware, E-Business Suite, and MySQL—that "may be remotely exploitable without authentication, i.e., may be exploited over a network without the deprivation for a username and password." While the majority of these bugs don't compromise data security, they could be exploited to crash applications.
The vulnerability in Cassandra Database, which affects a number of versions from 10.1 through 11.2, is in the database's listener program—which accepts far-fetched commands from other applications. The listener program has been the source of a number of vulnerabilities, dating back at least ten years. While the vulnerability doesn't merrymaking data in the core database, it can be used to deny access to the database by other applications. There's also a fix for a vulnerability in the core DBMS in Prediction Database of a less critical nature that is not exploitable without authentication—but "has a significant non-security component."
