304 matches found
PT-2019-3753 · Oracle · Adf +2
Name of the Vulnerable Software and Affected Versions: Oracle JDeveloper and ADF versions 11.1.1.9.0 through 12.2.1.3.0 Description: The issue is related to insufficient access control in the OAM component of Oracle JDeveloper and ADF, allowing a remote attacker to gain unauthorized access to...
Oracle Java SE Security Updates (jul2019-5072835) 01 - Windows
Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Database Server CVE-2018-3110
The remote Oracle Database Server is missing patches. It is, therefore, affected by CVE-2018-3110. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc...
phpLiteAdmin Authentication Bypass Vulnerability
phpLiteAdmin is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
PT-2018-9048 · Microsoft · Windows 8.1 +7
Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue allows an elevation of privilege due to the way memory addresses are handled. An elevation-of-privilege vulnerability allows attackers to affect the system. Recommendations: F...
Oracle Mysql Security Updates (jan2012-366304) 01 - Linux
Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Mac OS X Multiple Vulnerabilities-03 (Apr 2017)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2016-7515 · Libcsp · Libcsp
Name of the Vulnerable Software and Affected Versions: libcsp library versions 1.4 and earlier Description: The issue is related to a buffer overflow in the csp_sfp_recv_fp function in csp_sfp.c. This allows hostile components with network access to the SFP underlying network layers to execute...
Geeklog IVYWE edition contains a cross-site scripting vulnerability
Overview: Geeklog is an open source content management system (CMS). Geeklog IVYWE edition contains a cross-site scripting (CWE-79) vulnerability. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Oracle MySQL Multiple Unspecified Vulnerabilities-24 (Jun 2016) - Linux
Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
a-blog cms vulnerable to session management
Overview: a-blog cms provided by appleple Inc. is a content management system (CMS). a-blog cms contains a vulnerability in session management of the comment functionality. Yuya Yoshida of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
baserCMS vulnerable to OS command injection
Overview: baserCMS is an open-source Contents Management System (CMS). baserCMS contains an OS command injection vulnerability (CWE-78). Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An arbitrary OS...
NetFlow Analyzer vulnerable to cross-site scripting
Overview: NetFlow Analyzer provided by Zoho Corporation contains a cross-site scripting vulnerability. Tomoshige Hasegawa, Akihito Mukai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An arbitrary script may...
Oracle Identity Manager Identity Console (January 2014 CPU)
The remote host is missing the January 2014 Critical Patch Update for Oracle Identity Manager. It is, therefore, potentially affected by multiple, unspecified vulnerabilities in the Identity Console sub-component of Oracle Identity Manager. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc...
SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)
The following security issues have been fixed: bnc#828020: CVE-2013-4635 - Integer overflow in SdnToJewish; bnc#829207: CVE-2013-4113 - heap corruption due to badly formed xml. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
JBoss RichFaces vulnerable to remote code execution
Overview: JBoss RichFaces contains a remote code execution vulnerability due to an issue with deserialization. JBoss RichFaces is a framework for integrating Ajax into web applications. JBoss RichFaces applications contain a deserialization interface where end users may provide input. This interfa...
JVN#78305073: @WEB ShoppingCart vulnerable to cross-site scripting
@WEB ShoppingCart provided by WEBLOGIC CORPORATION is a system for creating shopping websites. @WEB ShoppingCart contains a cross-site scripting vulnerability. Impact: An arbitrary script may be executed on the user's web browser. Solution: Apply a patch. Apply the appropriate patch according to th...
Oracle Application Server < 1.3.1.27 Unspecified Vulnerability (cpujan2008)
Oracle Application Server (AS) is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
phpLDAPadmin '_debug' Cross Site Scripting Vulnerability
This host is running phpLDAPadmin and is prone to a cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbphpldapadmindebugxssvuln.nasl 5793 2017-03-30 13:40:15Z cfi $ phpLDAPadmin '_debug' Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright (c) 2011 Greenbone...
Adobe Photoshop '.GIF' File Processing Memory Corruption Vulnerability
This host is installed with Adobe Photoshop and is prone to a remote code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodadobephotoshopgifmemcorruptionvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Adobe Photoshop '.GIF' File Processing Memory Corruption Vulnerability Authors: Rachana...