3641 matches found
ASB-A-134155286
In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
Penguin Aurora Box has an unauthorized access vulnerability
Penguin Aurora Box is a high-end network HD set-top box produced by Tencent Video in conjunction with Skyworth Digital. An unauthorized access vulnerability exists in Penguin Aurora Box. An attacker can exploit the vulnerability to gain unauthorized access to a specific link to remotely control a...
CKEditor Security Vulnerabilities
CKEditor is an open source, web-based text editor. A security vulnerability exists in CKEditor prior to CKEditor 4.16, which allows redos-type attacks to be executed in CKEditor 4 by inducing a victim to paste carefully crafted text into the styled input of a specific dialog box...
AVM Fritz!Box Command Injection (CVE-2014-9727)
A remote command injection vulnerability exists in AVM Fritz!Box. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Skyworth Digital Technology Limited Penguin Aurora Box has Denial of Service Vulnerability
Penguin Aurora Box is a high-end network HD set-top box produced by Tencent Video in conjunction with Skyworth Digital. A denial of service vulnerability exists in the Skyworth Digital Technology Limited Penguin Aurora Box, which can be exploited by attackers to cause a denial of service...
CVE-2021-2103
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2104
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2102
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
Design/Logic Flaw
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2102
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2104
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2103
CVE-2021-2103 affects Oracle’s Complex Maintenance, Repair, and Overhaul (dialog box) in Oracle Supply Chain. Affected versions: 11.5.10, 12.1, 12.2. The issue allows an unauthenticated attacker with network access via HTTP to compromise the system; exploitation requires human interaction. Impact...
CVE-2021-2102
The CVE-2021-2102 issue is in Oracle Complex Maintenance, Repair, and Overhaul (Dialog Box) for versions 11.5.10, 12.1, 12.2. It stems from insufficient access control, enabling an unauthenticated, network-accessible attacker (via HTTP) to access or modify data after user interaction. The Red Hat...
CVE-2021-2103
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2104
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain component: Dialog Box. Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
Oracle Dialog Box Security Vulnerability
Oracle Dialog Box is the United States Oracle Oracle company can generate a dialog box Windows API functions. This file exists in many Oracle products and provides dialog box support for the products. A security vulnerability exists in Oracle Dialog Box, which arises from unauthorized full access...
PT-2021-1774 · Oracle · Oracle Complex Maintenance
Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 11.5.10, 12.1, and 12.2 Description: The issue is related to insufficient access control in the Dialog Box component of the Oracle Complex Maintenance, Repair, and Overhaul product. It...
PT-2021-1742 · Oracle · Oracle Complex Maintenance
Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 11.5.10, 12.1, 12.2 Description: The issue is related to insufficient access control in the Dialog Box component of the Oracle Complex Maintenance, Repair, and Overhaul product. This...
Oracle Dialog Box Security Vulnerability
Oracle Dialog Box is the United States Oracle Oracle company can generate a dialog box Windows API functions. This file exists in many Oracle products and provides dialog box support for the products. A security vulnerability exists in Oracle Dialog Box that could allow an unauthenticated attacke...
ZTE ZXV10 B860A Information Disclosure Vulnerability
The ZTE ZXV10 B860A is a network set-top box from China's ZTE Corporation ZTE. The ZTE ZXV10 B860A suffers from an information disclosure vulnerability that stems from the device not adequately validating logs, which can be exploited by an attacker to gain access to sensitive user information for...