MAL-2025-21312 Malicious code in generator-watson-social-customer-care (npm)

The package generator-watson-social-customer-care was found to contain malicious code...

Malicious code in generator-watson-social-customer-care (npm)

The package generator-watson-social-customer-care was found to contain malicious code...

CVE-2025-21516

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customer Care...

The vulnerability of the Service Requests component of the Oracle Customer Care software solution in the Oracle E-Business Suite, which allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Service Requests component in the Oracle Customer Care software of the Oracle E-Business Suite lies in the lack of an authentication mechanism. Exploiting this vulnerability allows a malicious actor to manipulate the confidentiality and integrity of protected information...

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in Oracle E-Business Suite Specifically for the Advanced Outbound Telephony, Project Foundation, Customer Care and Workflow components. The vulnerabilities are in several components of the Oracle E-Business Suite. The Advanced Outbound Telephony component contains...

Oracle E-Business Suite (January 2025 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are...

CVE-2025-21516

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customer Care...

CVE-2025-21516

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customer Care...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Customer Care versions 12.2.5...

Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : EcoStruxure Power Monitoring Expert, EcoStruxure Power Operation with Advanced Reports, EcoStruxure Power SCADA Operation with Advanced Reports Vulnerability :...

AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient

IBM SECURITY ADVISORY First Issued: Thu Apr 13 13:44:57 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/commonshttpadvisory.asc Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient...

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: EN100 Ethernet Module Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer. 2. RISK EVALUATION Successful exploitation of this vulnerability could...

How one Microsoft software engineer works to improve access management

There’s still a perception that the most successful computer scientists learn programming at a young age, study engineering at a top school, and then get a software development job right out of college. While that’s how many people enter the field, it’s not the only path. Microsoft Software...

Error: Citrix Licensing Manager could not complete the operation. If you are trying to allocate a license, go to My Account.

The error "Citrix Licensing Manager could not complete the operation. If you are trying to allocate a license, go toMy Account. For assistance, contact Citrix Customer Care" is returned after allocating a license using Citrix Licensing Manger...

Critical Cisco Bug in Unified CCX Allows Remote Code Execution

Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express CCX. Cisco’s Unified CCX software is touted as a “contact center in a box” that allows companies to deploy customer-care applications. Th...

Orpak SiteOmat

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Orpak acquired by Gilbarco Veeder-Root Equipment: SiteOmat Vulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of...

Lenovo Customer Care Software Development Kit Local Elevation of Privilege Vulnerability

The Lenovo Customer Care Software Development Kit CCSDK is a set of pre-installed software for program maintenance use by the Chinese company Lenovo. A local elevation of privilege vulnerability exists in Lenovo Customer Care Software Development Kit. A local attacker could exploit this...

Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm

Magnet Networks Tesley CPVA 642 Router - Weak WPA-PSK Passphrase Algorithm Exploit Title: Magnet Networks – Weak WPA-PSK passphrases used in Tesley CPVA 642 Router Google Dork: Date: 01/06/2016 Author: Matt O'Connor Advisory Link: https://www.rgb.ie/magnet-broadband-weak-wpa-psk-algorithm.pdf...

LiveWorld Multiple Products - Cross Site Scripting

LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for online meetings, customer care, and loyalty marketing...

LiveWorld Multiple Products - Cross Site Scripting

LiveWorld Multiple Products - Cross Site Scripting LiveWorld Cross Site Scripting Vendor: LiveWorld, Inc Product: LiveWorld Version: Multiple Products Website: http://www.liveworld.com CVE: CVE-2004-2566 OSVDB: 9180 PACKETSTORM: 34143 Description: LiveWorld provides collaborative services for...