21 matches found
EUVD-2017-1951
Malware in sbrugna...
EUVD-2025-2496
Malicious code in bioql PyPI...
CVE-2024-21264
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft component: Activity Guide Composer. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Design/Logic Flaw
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: WebClient. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human...
Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 affects CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.
Summary: There is a vulnerability which is related to identity spoofing in IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 used by CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition. CICS Transaction Gateway has addressed th...
CVE-2021-2315
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Security Bulletin: Vulnerabilities in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager (CVE-2019-18348)
Summary: Vulnerabilities in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager CVE-2019-18348. Vulnerability Details: CVEID: CVE-2019-18348. DESCRIPTION: Python is vulnerable to HTTP header injection, caused by improper validation of input in the urllib2. By sending a...
Security Bulletin: Missing or insecure "Content-Security-Policy" header affecting Watson Knowledge Catalog for IBM Cloud Pak for Data
Summary: A missing or insecure "Content-Security-Policy" header was affecting some of the Watson Knowledge Catalog for IBM Cloud Pak for Data web UIs. The issue is now addressed. Vulnerability Details: Third Party Entry: PSIRT-ADV0020520. DESCRIPTION: Created from Advisory: ADV0020520. CVSS Base scor...
CVE-2020-2710
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payment...
CVE-2019-2731
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.7.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2018-2980
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable...
CVE-2018-3042
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2018-3045
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Storage FlashCopy Manager on Solaris and HP-UX platforms (CVE-2015-0383)
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by FlashCopy Manager. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details: CVEID: CVE-2015-0383. DESCRIPTION: An unspecified vulnerability ...
Security Bulletin: IBM Content Navigator Cross Site Scripting Vulnerability
Summary: This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details: CVEID: CVE-2017-1282. DESCRIPTION: IBM Content Navigator & CMIS is...
Security Bulletin: Cross-site scripting vulnerability affects IBM Security Key Lifecycle Manager (CVE-2015-7417)
Summary: There is a cross-site scripting vulnerability in IBM WebSphere Application Server for any consumers of the OAuth provider output affects IBM Security Key Lifecycle Manager. Vulnerability Details: CVEID: CVE-2015-7417. DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site...
CVE-2018-2691
Vulnerability in the Oracle User Management component of Oracle E-Business Suite subcomponent: Proxy User Delegation. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2017-10098
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily exploitable vulnerability allows low privileg...
CVE-2017-10012
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Operations. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...
Buffer overflow
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications subcomponent: Reporting. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...