The vulnerability of the Networking component of the Java SE software platform and the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines allows attackers to access, modify, add, or delete data.

The vulnerability of the Networking component of the Java SE software platform and the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK virtual machines is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to, modify, add, o...

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an attacker to gain access to modify, add, or delete data, or to cause a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data, or cause service failures...

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read, modify, add, or delete data...

CVE-2023-2275

The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'getitem', 'getordernotes' and 'addordernote' functions in versions up to, and including, 1.5.3. This makes it possibl...

Design/Logic Flaw

The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'getitem', 'getordernotes' and 'addordernote' functions in versions up to, and including, 1.5.3. This makes it possibl...

CVE-2023-2275 WooCommerce Multivendor Marketplace – REST API <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order/Order Note Disclosure, Order Note Addition via REST API

The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'getitem', 'getordernotes' and 'addordernote' functions in versions up to, and including, 1.5.3. This makes it possibl...

CVE-2023-2275

The CVE-2023-2275 entry concerns the WooCommerce Multivendor Marketplace – REST API plugin for WordPress. It describes a vulnerability caused by missing capability checks in get_item, get_order_notes, and add_order_note, affecting versions up to 1.5.3. The impact stated across connected sources i...

CVE-2023-2275 WooCommerce Multivendor Marketplace – REST API <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order/Order Note Disclosure, Order Note Addition via REST API

The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'getitem', 'getordernotes' and 'addordernote' functions in versions up to, and including, 1.5.3. This makes it possibl...

The vulnerability of the Routing Hub sub-component of the Oracle Banking Virtual Account Management component in the banking analytics system of the Oracle Financial Services Applications allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Routing Hub subcomponent of the Oracle Banking Virtual Account Management component in the banking analytics system of the Oracle Financial Services Applications is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

Simple Cold Storage Management System SQL注入漏洞

Simple Cold Storage Management System is a simple cold storage management system. A SQL injection vulnerability exists in Simple Cold Storage Management System. An attacker could use this vulnerability to view, add, modify, or delete information in a back-end database...

The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform lies in the lack of security measures for the website structure, allowing attackers to view, add, modify, or delete data.

The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to remotely view, add, modify, or delete data...

CVE-2022-22102

Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto...

The vulnerability of the Fluid Core component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain read, modify, add, or delete access to data.

The vulnerability of the Fluid Core component in the Oracle PeopleSoft Enterprise PeopleTools business application suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data...

The vulnerability of the JNDI component of the Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows attackers to access, modify, add, or delete data.

The vulnerability of the JNDI component of the Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete...

The vulnerability of the Reports sub-component of the Oracle Financial Services Crime and Compliance Investigation Hub component of the banking analytics system’s simulation model, allowing a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Reports sub-component of the Oracle Financial Services Crime and Compliance Investigation Hub component of the banking analytics system’s simulation model exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify,...

The vulnerability of the Oracle Database - Enterprise Edition Data Redaction component of the Oracle Database Server system allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Enterprise Edition Data Redaction component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...

The vulnerability of the Oracle Application Express Data Reporter component of the Oracle Database Server database management system allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the Oracle Application Express Data Reporter component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain...

The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain read, modify, add, or delete access to data.

The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain access to read, modify, add, or delete data...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a attacker to access, modify, add, or delete data.

The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data through HTTP requests...