132 matches found
CVE-2022-21497
Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
AZL-7740 CVE-2022-21367 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Compiling. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
UBUNTU-CVE-2022-21291
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
Oracle PeopleSoft Enterprise PeopleTools 安全漏洞
Oracle PeopleSoft Enterprise PeopleTools is Oracle's technology for providing PeopleSoft applications with the ability to stay in sync with users' needs and expectations. A security vulnerability exists in the Oracle PeopleSoft Enterprise PeopleTools product that could allow an unauthenticated...
NetApp Clustered Data ONTAP Vulnerabilities - Lenovo Support US
No description provided...
PT-2021-7852
Name of the Vulnerable Software and Affected Versions Java SE versions 7u311, 8u301, 11.0.12, 17 Oracle GraalVM Enterprise Edition versions 20.3.3 and 21.2.0 Description The vulnerability is related to insufficient input validation in the Keytool component of Oracle Java SE and Oracle GraalVM...
Microsoft Edge 安全特征问题漏洞
Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. Microsoft Edge suffers from a security signature issue vulnerability that allows remote attackers to trick victims into visiting specially designed websites to obtain sensitive information or...
The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.
The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...
CVE-2021-2223
Vulnerability in the Oracle Receivables product of Oracle E-Business Suite component: Receipts. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Receivables. Successful attacks...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability in Oracle Product Hub...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...
CVE-2021-2105
Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
The vulnerability of the file system of the IoT Field Network Director software management tool allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the access control function in the IoT network management software, Field Network Director, is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or...
mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Unspecified Vulnerability in Oracle Hospitality OPERA Property Services Logging
Oracle Hospitality OPERA 5 Property Services is a Windows-based application component of Oracle Corporation for processing payment card payments. A security vulnerability exists in Oracle Hospitality OPERA 5 Property Services Logging version 5.5, 5.6 that allows a highly privileged attacker to...
CVE-2020-14742
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYSDBA level account privilege with network access via Oracle Net to...
CVE-2019-18990
A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a...
CVE-2020-8576
Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information...
The vulnerability of the DBI Setup component of the Oracle E-Business Intelligence application allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the DBI Setup component of the Oracle E-Business Intelligence application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...