132 matches found
CVE-2017-10157
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
VehicleWorkshop SQL Injection Vulnerability
VehicleWorkshop is an online vehicle management system based on PHP and MySQL. VehicleWorkshop suffers from a SQL injection vulnerability. An attacker could use the vulnerability to access or modify data, or exploit a potential vulnerability in the underlying database...
CVE-2017-3587
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2017-3577
Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products subcomponent: Frameworks. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...
The vulnerability of the Oracle VM VirtualBox virtual machine allows a hacker to gain access to data reading, modify data, or cause a partial service failure.
The vulnerability of the GUI component of the Oracle VM VirtualBox lies in security configuration errors. Exploiting this vulnerability allows a malicious actor to gain read access to data, modify, add, or delete data, or cause partial service failure through HTTP requests...
CVE-2017-3361
Vulnerability in the Oracle Installed Base component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2016-8298
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access...
CVE-2016-8317
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Unit Trust. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Difficult to exploit vulnerability allows low privileged attacker with network...
K-Search 1.0 - SQL Injection
K-Search 1.0 - SQL Injection source: https://www.securityfocus.com/bid/15588/info K-Search is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result...
phpList 2.8.12 - Admin Page SQL Injection
phpList 2.8.12 - Admin Page SQL Injection source: https://www.securityfocus.com/bid/14403/info PHPList is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied data before using it in an SQL query. Successful exploitation cou...
SurgeLDAP 1.0 - Web Administration Authentication Bypass
SurgeLDAP 1.0 - Web Administration Authentication Bypass source: https://www.securityfocus.com/bid/10294/info SurgeLDAP is an LDAP server implementation for Microsoft Windows and various Unix operating systems. It includes a built-in web server to permit remote user access via HTTP. It has been...
PT-2009-6750 · Openssl +3 · Openssl +4
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8q OpenSSL versions 1.0.x prior to 1.0.0c openssl-devel-0.9.7a openssl-0.9.7a compat-openssl097g compat-openssl097g-32bit openssl prior to version 1.0.0e Description: The issue involves multiple vulnerabilities i...