CVE-2016-0568

CVE-2016-0568 affects Oracle E-Business Suite (12.1.1–12.1.3) specifically the Oracle Email Center Server Components. The vulnerability is described as unspecified with remote attackers potentially compromising confidentiality via unknown vectors related to Server Components. The available connec...

CVE-2016-0515

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0514...

CVE-2016-0514

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0515...

CVE-2016-0578

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components...

CVE-2016-0577

Technical details (affected products/versions, root cause, exploitability, and fixes) for CVE-2016-0577 are not publicly provided in the connected documents. Monitor for updates.

CVE-2016-0579

Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0582, CVE-2016-0583, and CVE-2016-0584...

CVE-2016-0583

Technical details for CVE-2016-0583 are not publicly available in the provided documents. Connected sources reference unspecified vulnerabilities in Oracle E-Business Suite BIS Common Component, but no concrete technical details, affected versions, or fixes are disclosed here. Monitor for updates.

Vulnerabilities of the Debian GNU/Linux operating system, allowing attackers to inject arbitrary SMTP commands

The Debian GNU/Linux operating system has multiple vulnerabilities due to the failure to address the issue of handling CRLF sequences carriage return followed by line feed. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary SMTP commands through CRLF sequences into the...

OpenJDK: URL deserialization inconsistencies (Networking, 8059054)

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...

CVE-2015-8755

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...

CVE-2015-8758

Multiple cross-site scripting XSS vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...

PT-2016-1113 · Ibm +1 · Ibm Tivoli Common Reporting +7

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions affected versions not specified IBM Tivoli Common Reporting versions affected versions not specified IBM Sterling B2B Integrator versions affected versions not specified IBM Sterling Integrator versio...

Symfony PHP Framework Session Fixation

Advisory: Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality A session fixation vulnerability within the Symfony web application framework's "Remember Me" login functionality allows an attacker to impersonate the victim towards the web application if the session ID value...

Joomlavs - A Black Box, Joomla Vulnerability Scanner

JoomlaVS is a Ruby application that can help automate assessing how vulnerable a Joomla installation is to exploitation. It supports basic finger printing and can scan for vulnerabilities in components, modules and templates as well as vulnerabilities that exist within Joomla itself. How to insta...

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)

require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various...

CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache...

Design/Logic Flaw

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache...

CVE-2015-5006

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache...