173 matches found
Remote file inclusion
Apps Manager for PCF Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5 allows unprivileged remote file read in its container via specially-crafted links...
CVE-2018-1200
CVE-2018-1200 affects the Apps Manager for PCF (Pivotal Application Service) versions 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5. The vulnerability allows an unprivileged attacker to read files from within the Apps Manager container via specially crafted links, resulting...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
Design/Logic Flaw
DISPUTED This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002...
PT-2017-11634 · Emc · Emc Data Protection Advisor
Name of the Vulnerable Software and Affected Versions: EMC Data Protection Advisor version 6.3.0 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. Authentication is required to exploit this issue. The specific flaw exists within the EMC DPA...
EMC Data Protection Advisor Remote Command Injection Vulnerability
EMC Data Protection Advisor is data protection management software. A remote command injection vulnerability exists in the EMC Data Protection Advisor Application service implementation, which could be exploited by a remote attacker to submit a special request to execute arbitrary code in the...
EMC Data Protection Advisor Application Service Static Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of EMC Data Protection Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by default. T...
Unauthorized Access Vulnerability in Huatian Power OA8000 System
Huatian Power OA8000 system is a collaborative OA office system. An unauthorized access vulnerability exists in the demo.oa8000.com/OAapp/bfapp/buffalo/hrApplicationFormService page of the Huatian Power OA8000 system. An attacker is allowed to gain access to obtain sensitive information...
CVE-2016-3523
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...
CVE-2016-3522
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...
CVE-2016-3523
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...
CVE-2016-3523
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service...
CVE-2016-3522
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...
CVE-2016-3522
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service...
CVE-2016-3522
CVE-2016-3522 refers to an unspecified vulnerability in the Oracle E-Business Suite Web Applications Desktop Integrator (WADI) component. Affected are E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, and 12.2.5. The flaw is reported under the Application Service subcomponent and allows remote at...
Unspecified Vulnerability in Oracle E-Business Suite Oracle Web Applications Desktop Integrator Component (CNVD-2016-05438)
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Web Applications Desktop Integrator is one of the Web application products desktop integrator component. An unspecified vulnerability exists in...
CVE-2015-6421
cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service WAAS and Virtual WAAS vWAAS devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service resource consumption and device reload via crafted network traffic, aka Bug...
Cisco Wide Area Application Service CIFS Denial of Service Vulnerability
A vulnerability in the Common Internet File System CIFS optimization feature of the Cisco Wide Area Application Service WAAS device could allow an unauthenticated, remote attacker to perform a resource consumption attack which, could result in a complete denial of service DoS condition. The...