42 matches found
SUSE: Security Advisory (SUSE-SU-2025:02302-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-20941
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: HTML UI. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful...
CVE-2022-21251
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: Instance Main. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base...
RHEL 8 : redhat-ds:11 (RHSA-2022:8886)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8886 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP serve...
The vulnerability of the VBASE Automation Base software platform, related to incorrect restrictions on XML references to external objects, allows attackers to trigger service failures or gain unauthorized access to confidential data.
The vulnerability of the VBASE Automation Base software platform relates to incorrect restrictions on XML references pointing to external objects. Exploiting this vulnerability can allow attackers to cause service failures or gain unauthorized access to confidential data...
cyfs-chunk-lib (=0.5.0), cyfs-cip (>=0.5.0 <=0.6.4) +1 more potentially affected by unknown CVE via cyfs-base (>=0.5.5 <=0.6.12)
cyfs-base CARGO version =0.5.5, =0.5.0, =0.6.4 - cyfs-core =0.5.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0046...
sap-ai-sdk-core (>=3.0.3 <=3.0.11) potentially affected by CVE-2023-25617 via sap-ai-sdk-base (>=3.1.2 <=3.1.6)
sap-ai-sdk-base PYPI version =3.1.2, =3.0.3, =3.0.11 Source cves: CVE-2023-25617 Source advisory: OSV:GHSA-XXHH-59GH-6FFX...
SUSE CVE-2012-3227
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability th...
SUSE CVE-2012-5064
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect confidentiality, related to BASE...
Prototype Pollution
cache-base is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Red Hat OpenShift Container Platform openshift/apb-base unsafe modification vulnerability
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in openshift/apb-base that...
CVE-2018-10850
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service...
The vulnerability of the texlive-base package in the TeX Live system allows a perpetrator to execute arbitrary commands.
The vulnerability of the texlive-base package in the TeX Live system is related to the inclusion of the mpost command in the list of commands allowed to be executed from the original TeX code. The mpost command allows for the execution of other programs during the compilation of TeX documents...
Oracle Hospitality Guest Access Unauthorized Read Vulnerability
Oracle Hospitality Applications is a set of business applications, servers and storage solutions for hospitality management from Oracle. The solution provides human resources cost management, provide customers with the entire journey to track the management of services to improve customer...
CVE-2017-3361
Vulnerability in the Oracle Installed Base component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
JVN#09460804: Knowledge vulnerable to cross-site request forgery
Knowledge provided by support-project.org is an open-source knowledge base platform. Knowledge contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update to the...
Microsoft Windows Media Base Memory Corruption Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory corruption vulnerability exists when the Windows media base fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could install programs; view,...
The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the kernel-vmi-base package of the OpenSUSE operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...
CVE-2012-3226
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confidentiality and integrity, related to BASE...
CVE-2012-3227
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability th...