RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1132 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaD...

mysql: unspecified vulnerability related to Server:SP (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP...

mysql: unspecified vulnerability related to Client programs (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB...

mysql: unspecified vulnerability related to Server:InnoDB (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB...

mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges...

[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite XXE injection Advisory ID: ERPSCAN-15-028 Advisory URL: http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe-injection-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...

[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite - XXE injection Advisory ID: ERPSCAN-15-029 Advisory URL: http://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe-injection-vulnerability/ Date published: 21.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...

mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges...

mysql: unspecified vulnerability related to Server:Security:Privileges (CPU October 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges...

RHEL 5 : mysql55-mysql (RHSA-2015:1628)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1628 advisory. - mysql: unspecified vulnerability related to Server:InnoDB:DML CPU Jan 2015 CVE-2014-6568 - mysql: unspecified vulnerability related to...

Oracle E-Business Suite - XXE injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: XML External Entit...

Oracle E-Business Suite - SQL injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: SQL injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin, Egor Karbutov ERPScan VULNERABILITY INFORMATION Class: SQL...

Oracle E-Business Suite - Cross-site Scripting vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: Cross-site Scripting Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: Cross-site...

Oracle E-Business Suite - XXE injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: XML External Entit...