Lucene search
K

173 matches found

Prion
Prion
added 2018/03/16 8:29 p.m.19 views

Remote file inclusion

Apps Manager for PCF Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5 allows unprivileged remote file read in its container via specially-crafted links...

4.3CVSS6.5AI score0.01352EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/03/16 8:0 p.m.44 views

CVE-2018-1200

CVE-2018-1200 affects the Apps Manager for PCF (Pivotal Application Service) versions 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5. The vulnerability allows an unprivileged attacker to read files from within the Apps Manager container via specially crafted links, resulting...

6.5CVSS6.5AI score0.01352EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/12/15 6:29 p.m.12 views

CVE-2017-14101

A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...

9.8CVSS9.2AI score0.01438EPSS
Exploits0References1
Prion
Prion
added 2017/10/19 7:29 p.m.16 views

Design/Logic Flaw

DISPUTED This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002...

9CVSS9.2AI score0.06685EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2017/09/28 12:0 a.m.5 views

PT-2017-11634 · Emc · Emc Data Protection Advisor

Name of the Vulnerable Software and Affected Versions: EMC Data Protection Advisor version 6.3.0 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. Authentication is required to exploit this issue. The specific flaw exists within the EMC DPA...

9CVSS7.9AI score0.06685EPSS
Exploits0References5
CNVD
CNVD
added 2017/09/27 12:0 a.m.4 views

EMC Data Protection Advisor Remote Command Injection Vulnerability

EMC Data Protection Advisor is data protection management software. A remote command injection vulnerability exists in the EMC Data Protection Advisor Application service implementation, which could be exploited by a remote attacker to submit a special request to execute arbitrary code in the...

9CVSS9.2AI score0.06685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/09/15 12:0 a.m.24 views

EMC Data Protection Advisor Application Service Static Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by default. T...

7.8CVSS9.2AI score0.02217EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Unauthorized Access Vulnerability in Huatian Power OA8000 System

Huatian Power OA8000 system is a collaborative OA office system. An unauthorized access vulnerability exists in the demo.oa8000.com/OAapp/bfapp/buffalo/hrApplicationFormService page of the Huatian Power OA8000 system. An attacker is allowed to gain access to obtain sensitive information...

6.9AI score
Exploits0
OSV
OSV
added 2016/07/21 10:13 a.m.4 views

CVE-2016-3523

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...

4.7CVSS5.8AI score0.01918EPSS
Exploits0References4
NVD
NVD
added 2016/07/21 10:13 a.m.18 views

CVE-2016-3522

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...

8.5CVSS7.4AI score0.02914EPSS
Exploits0References4
Prion
Prion
added 2016/07/21 10:13 a.m.15 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...

4.3CVSS6.3AI score0.01918EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2016/07/21 10:13 a.m.14 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...

8.5CVSS6.1AI score0.02914EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2016/07/21 10:0 a.m.2 views

CVE-2016-3523

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...

5.6AI score0.01918EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/07/21 10:0 a.m.22 views

CVE-2016-3523

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...

4.5AI score0.01918EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/07/21 10:0 a.m.24 views

CVE-2016-3522

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...

7.2AI score0.02914EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2016/07/21 10:0 a.m.8 views

CVE-2016-3522

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...

5.8AI score0.02914EPSS
Exploits0References4
CVE
CVE
added 2016/07/21 10:0 a.m.38 views

CVE-2016-3522

CVE-2016-3522 refers to an unspecified vulnerability in the Oracle E-Business Suite Web Applications Desktop Integrator (WADI) component. Affected are E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, and 12.2.5. The flaw is reported under the Application Service subcomponent and allows remote at...

8.5CVSS7.5AI score0.02914EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/07/21 12:0 a.m.5 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle Web Applications Desktop Integrator Component (CNVD-2016-05438)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Web Applications Desktop Integrator is one of the Web application products desktop integrator component. An unspecified vulnerability exists in...

4.7CVSS6.8AI score0.01918EPSS
Exploits0References1
NVD
NVD
added 2016/01/27 10:59 p.m.16 views

CVE-2015-6421

cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service WAAS and Virtual WAAS vWAAS devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service resource consumption and device reload via crafted network traffic, aka Bug...

7.8CVSS7.4AI score0.01931EPSS
Exploits0References2
Cisco
Cisco
added 2016/01/27 4:0 p.m.45 views

Cisco Wide Area Application Service CIFS Denial of Service Vulnerability

A vulnerability in the Common Internet File System CIFS optimization feature of the Cisco Wide Area Application Service WAAS device could allow an unauthenticated, remote attacker to perform a resource consumption attack which, could result in a complete denial of service DoS condition. The...

7.8CVSS7.5AI score0.01931EPSS
Exploits0References1
Rows per page
Query Builder