Lucene search
K

331 matches found

OSV
OSV
added 2018/01/18 2:29 a.m.3 views

CVE-2018-2656

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite subcomponent: Data Manager Server. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...

9.1CVSS7.3AI score0.01912EPSS
Exploits0References3
CVE
CVE
added 2018/01/18 2:0 a.m.55 views

CVE-2018-2656

CVE-2018-2656 affects Oracle E-Business Suite’s Oracle General Ledger component, specifically the Data Manager Server. Affected versions include 12.1.1, 12.1.2, 12.1.3, 12.2.3–12.2.7. The flaw is actionable by an unauthenticated attacker over HTTP with network access, enabling unauthorized creati...

9.1CVSS8.2AI score0.01912EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/01/18 2:0 a.m.19 views

CVE-2018-2656

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite subcomponent: Data Manager Server. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...

8.4AI score0.01912EPSS
Exploits0References3
CNVD
CNVD
added 2018/01/17 12:0 a.m.5 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-02405)

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...

9.1CVSS6.7AI score0.01912EPSS
Exploits0References1
OSV
OSV
added 2017/12/27 5:8 p.m.2 views

CVE-2017-9944

A vulnerability has been identified in Siemens 7KT PAC1200 data manager 7KT1260 in all versions V2.03. The integrated web server port 80/tcp of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network...

9.8CVSS5.8AI score0.0298EPSS
Exploits0References2
NVD
NVD
added 2017/12/27 5:8 p.m.9 views

CVE-2017-9944

A vulnerability has been identified in Siemens 7KT PAC1200 data manager 7KT1260 in all versions V2.03. The integrated web server port 80/tcp of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network...

10CVSS9.4AI score0.0298EPSS
Exploits0References2
Prion
Prion
added 2017/12/27 5:8 p.m.12 views

Design/Logic Flaw

A vulnerability has been identified in Siemens 7KT PAC1200 data manager 7KT1260 in all versions V2.03. The integrated web server port 80/tcp of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network...

10CVSS7.2AI score0.0298EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/12/26 4:0 a.m.14 views

CVE-2017-9944

A vulnerability has been identified in Siemens 7KT PAC1200 data manager 7KT1260 in all versions V2.03. The integrated web server port 80/tcp of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network...

9.3AI score0.0298EPSS
Exploits0References2
CNVD
CNVD
added 2017/11/22 12:0 a.m.5 views

EMC ScaleIO for Linux Information Disclosure Vulnerability

EMC ScaleIO for Linux is a software-defined solution for converting DAS storage to shared data block storage based on the Linux platform from EMC. An information disclosure vulnerability exists in EMC ScaleIO version 2.0.1.x for Linux-based platforms, which originates when the program saves the...

8.4CVSS6AI score0.0037EPSS
Exploits1References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.3 views

Siemens 7KT PAC1200 Data Manager Authentication Bypass Vulnerability

The 7KT PAC1200 data manager 7KT1260 from the SENTRON portfolio is a fully integrated smart meter with a Web interface. An authentication bypass vulnerability exists in the 7KT PAC1200 data manager from the SENTRON portfolio, which could allow a remote attacker to bypass the authentication...

10CVSS9.6AI score0.0298EPSS
Exploits0References1
ICS
ICS
added 2017/10/05 12:0 a.m.70 views

Siemens 7KT PAC1200 Data Manager

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: 7KT PAC1200 data manager Vulnerability: Authentication Bypass Using an Alternate Path or Channel AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following versions of the 7KT...

10CVSS10AI score0.0298EPSS
Exploits0References3
OSV
OSV
added 2017/07/24 9:29 p.m.4 views

CVE-2017-1249

IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00648EPSS
Exploits0References2
CNVD
CNVD
added 2017/02/14 12:0 a.m.4 views

SIEMENS SIMATIC Logon Certification Bypass Vulnerability

SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are industrial automation products from Siemens. An authentication bypass vulnerability exists in SIEMENS SIMATIC Logon. An attacker can exploit the vulnerability to bypass the authentication mechanism and perform unauthorized operations...

9CVSS7.1AI score0.01987EPSS
Exploits0References1
hackapp
hackapp
added 2016/04/01 9:38 a.m.68 views

My Data Manager - Data Usage - Customized SSL, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application My Data Manager - Data Usage published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
NVD
NVD
added 2015/09/26 1:59 a.m.21 views

CVE-2015-6468

Cross-site request forgery CSRF vulnerability in Resource Data Management Data Manager before 2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.1AI score0.00643EPSS
Exploits0References1
Prion
Prion
added 2015/09/26 1:59 a.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Resource Data Management Data Manager before 2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.6AI score0.00643EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/09/25 1:0 a.m.19 views

CVE-2015-6468

Cross-site request forgery CSRF vulnerability in Resource Data Management Data Manager before 2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

7.1AI score0.00643EPSS
Exploits0References1
CVE
CVE
added 2015/09/25 1:0 a.m.48 views

CVE-2015-6470

Resource Data Management’s Data Manager prior to version 2.2 is affected by a privilege-escalation vulnerability (CWE-269) that allows a valid authenticated user to change passwords for other users, including administrators, via unspecified vectors. Public records indicate remote access and passw...

5.5CVSS6.5AI score0.01119EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/09/25 1:0 a.m.49 views

CVE-2015-6468

CVE-2015-6468 is a CSRF vulnerability in Resource Data Management’s Web-based Data Manager, affected versions prior to 2.2. The issue enables an attacker to hijack an authenticated user’s session and perform unintended actions on trusted pages via CSRF vectors (details not specified in the provid...

6.8CVSS7.3AI score0.00643EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2015/06/25 6:0 a.m.35 views

Resource Data Management Privilege Escalation Vulnerability

OVERVIEW Independent researcher Maxim Rupp has identified two vulnerabilities in Resource Data Management’s Data Manager application. Resource Data Management has produced a new version to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS Resourc...

6.8CVSS7.9AI score0.01119EPSS
Exploits0References10
Rows per page
Query Builder