49 matches found

Tenable Nessus
added 2023/03/16 12:0 a.m. | 23 views

Fedora 37 : mingw-python-werkzeug (2023-af75e27098)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-af75e27098 advisory. Update to python-werkzeug-2.2.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5 CVSS | 6.5 AI score | 0.0142 EPSS
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:46 a.m. | 6 views

SUSE CVE-2012-3139

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon local and SSO...

4.3 CVSS | 6.7 AI score | 0.01024 EPSS
Exploits: 0 | References: 3

CVE
added 2023/02/14 7:56 p.m. | 445 views

CVE-2023-25577

Werkzeug prior to 2.2.3 contains a DoS vulnerability in its multipart form data parser that can parse an unlimited number of parts (including file parts). Attacks that send crafted multipart data to endpoints reading request.data, request.form, request.files, or request.get_data(parse_form_data=F...

7.5 CVSS | 7.5 AI score | 0.0142 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 2023/02/14 7:56 p.m. | 470 views

CVE-2023-23934

CVE-2023-23934 affects the Werkzeug WSGI library. A bug in parsing nameless cookies (e.g., =__Host-test=bad) can lead to cookie shadowing where the cookie value is set for one subdomain but read as a different key by adjacent subdomains. The issue applies to Werkzeug versions before 2.2.3 and is ...

3.5 CVSS | 5.2 AI score | 0.00507 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2023/01/26 9:18 p.m. | 3 views

CVE-2023-23951

Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application...

6.1 CVSS | 6.4 AI score | 0.00514 EPSS
Exploits: 0 | References: 1

vulnersOsv
added 2022/07/11 8:59 p.m. | 9 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12) +14527 more potentially affected by CVE-2022-27772 via org.springframework.boot:spring-boot (>=1.0.0.RELEASE <=2.2.10.RELEASE)

org.springframework.boot:spring-boot MAVEN version =1.0.0.RELEASE, =4.4.0.0, =0.1.8, =0.1.6, =0.1.2, =0.0.6, =0.0.11, =0.0.16, =0.0.1, =0.0.47, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.21 and more Source cves: CVE-2022-27772 Source advisory: OSV:GHSA-CM59-PR5Q-CW85...

7.8 CVSS | 7.2 AI score | 0.00583 EPSS
Exploits: 1

vulnersOsv
added 2022/05/20 12:0 a.m. | 9 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.2 <=4.6.0.0), ai.ylyue:yue-library-auth-client (=j11.2.6.0) +1751 more potentially affected by CVE-2022-22978 via org.springframework.security:spring-security-core (>=5.6.0 <=5.6.3)

org.springframework.security:spring-security-core MAVEN version =5.6.0, =4.4.0.2, =1.3.1.RELEASE, =0.2.0, =0.8.3, =2.1.0.M8, =1.0.0, =2.7.0.Beta3, =2.7.0.Beta4, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.Beta3, =2.7.0.RC1 and more Source cves: CVE-2022-22978 Source advisory: OSV:GHSA-HH32-7344-CG2F...

9.8 CVSS | 6.7 AI score | 0.10037 EPSS
Exploits: 6

OSV
added 2022/05/10 9:15 p.m. | 4 views

CVE-2022-29126

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability...

7 CVSS | 7.3 AI score | 0.006 EPSS
Exploits: 0 | References: 2

BDU FSTEC
added 2021/06/09 12:0 a.m. | 15 views

The vulnerability of the acron application library of Avrora Center, related to uncontrolled resource consumption, allows a perpetrator to cause a service failure.

The vulnerability of the acron application library in Avroa Software Solutions is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures using a specially crafted regular expression...

7.5 CVSS | 5.5 AI score
Exploits: 0 | References: 2 | Affected Software: 1

CNVD
added 2021/06/04 12:0 a.m. | 22 views

libtpms stack corruption vulnerability

libtpms is an application library that provides software emulation of trusted platform modules TPM 1.2 and TPM 2.0. libtpms has a security vulnerability that stems from a stack corruption bug that could lead to SIGBUS bad memory access and termination of swtpm. No detailed vulnerability details...

5.5 CVSS | 1.9 AI score | 0.00259 EPSS
Exploits: 0 | References: 1

BDU FSTEC
added 2020/09/18 12:0 a.m. | 4 views

The vulnerability of the Diagnostics sub-component of the Oracle Application Object Library in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Diagnostics sub-component of the Oracle Application Object Library in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP...

4.7 CVSS | 6.5 AI score | 0.00985 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2019/07/17 9:15 p.m. | 5 views

CVE-2019-8931

Redbrick Shift through 3.4.3 allows an attacker to extract emails of services such as Gmail, Outlook, etc. used in the application...

7.5 CVSS | 7.1 AI score
Exploits: 0 | References: 1

BDU FSTEC
added 2019/02/07 12:0 a.m. | 5 views

The vulnerability of the Attachments/File Upload component in the Oracle Application Object Library for Oracle E-Business Suite applications allows a malicious individual to gain unauthorized access to protected data.

The vulnerability of the Attachments/File Upload component in the Oracle Application Object Library of the Oracle E-Business Suite relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data...

5.3 CVSS | 6.3 AI score | 0.01943 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2018/10/17 1:31 a.m. | 5 views

CVE-2018-3244

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments / File Upload. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...

5.3 CVSS | 5.8 AI score | 0.01943 EPSS
Exploits: 0 | References: 3

OSV
added 2018/04/19 2:29 a.m. | 4 views

CVE-2018-2867

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

5.3 CVSS | 5.8 AI score | 0.02022 EPSS
Exploits: 0 | References: 3

OSV
added 2018/04/19 2:29 a.m. | 4 views

CVE-2018-2874

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Logging. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require...

4.3 CVSS | 5.8 AI score
Exploits: 0 | References: 3

OSV
added 2018/04/19 2:29 a.m. | 5 views

CVE-2018-2804

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: DB Privileges. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

7.4 CVSS | 5.8 AI score | 0.0208 EPSS
Exploits: 0 | References: 3

CNVD
added 2018/01/17 12:0 a.m. | 7 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-02401)

Oracle E-Business Suite is an expansion of the original Application ERP: a seamlessly integrated management suite that collects a variety of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management), and so on. An...

5.8 CVSS | 6.7 AI score | 0.01124 EPSS
Exploits: 0 | References: 1

OSV
added 2017/10/19 5:29 p.m. | 4 views

CVE-2017-10328

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

7.5 CVSS | 7.3 AI score | 0.02533 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2017/08/08 3:0 p.m. | 8 views

CVE-2017-10244

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...

5.3 AI score | 0.01985 EPSS
Exploits: 0 | References: 3