Oracle Public Sector Financials (International) 安全漏洞

Oracle Public Sector Financials International is a financial management system for the public sector developed by Oracle Corporation. Versions 12.2.6 to 12.2.15 of Oracle Public Sector Financials International have security vulnerabilities. These vulnerabilities stem from issues with the...

PT-2026-44519

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Public Sector Financials International versions 12.2.6 through 12.2.15 Description An issue exists in the Authorization component of Oracle Public Sector Financials International. A low privileged attacker with...

CVE-2024-21128

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.2.6-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object...

PT-2024-7010 · Oracle · Oracle Common Applications Calendar +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.6 through 12.2.13 Description: The issue is related to a vulnerability in the Oracle Common Applications Calendar product, specifically in the Tasks component. This vulnerability can be easily exploited b...

CVE-2024-32872

Umbraco workflow provides workflows for the Umbraco content management system. Prior to versions 10.3.9, 12.2.6, and 13.0.6, an Umbraco Backoffice user can modify requests to a particular API endpoint to include SQL, which will be executed by the server. Umbraco Workflow versions 10.3.9, 12.2.6,...

Code injection

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2022-21477

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments, File Upload. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

GitLab Authorization Issues Vulnerability (CNVD-2020-13192)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...

Information disclosure

An information disclosure exists in 12.3.2, 12.2.6, and 12.1.12 for GitLab Community Edition CE and Enterprise Edition EE. When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API...

CVE-2019-15582

Removed by vendor...

CVE-2019-15584

A denial of service exists in gitlab v12.3.2, v12.2.6, and v12.1.10 that would let an attacker bypass input validation in markdown fields take down the affected page...

Gitlab Information Disclosure Vulnerability (CNVD-2020-03757)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An information disclosure vulnerability exists in GitLab...

Gitlab Improper Access Control Vulnerability (CNVD-2020-03758)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An improper access control vulnerability exists in Gitlab...

CVE-2019-2675

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2018-3236

Vulnerability in the Oracle User Management component of Oracle E-Business Suite subcomponent: Reports. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2018-3167

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...

CVE-2018-3167

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...

CVE-2018-2864

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

CVE-2018-2804

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: DB Privileges. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...