Unspecified Vulnerability in Oracle E-Business Suite Oracle Internet Expenses AP Web Utilities Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Internet Expenses AP Web Utilities component, which could be exploited by a remote attacker to submit a special request to modify data...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Application Object Library Java APIs Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Application Object Library Java APIs component, which could be exploited by a remote attacker to submit a special request to modify data...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Project Contracts Printing Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Project Contracts Printing component of Oracle E-Business Suite, which could be exploited by a remote attacker to submit a special request to modify data...

Unspecified Vulnerability in Oracle Fusion Middleware Oracle Identity Federation Admin Component

Oracle Fusion Middleware is a suite of application servers for cloud and traditional environments. An unspecified security vulnerability exists in the Oracle Fusion Middleware Oracle Identity Federation Admin component, which could be exploited by remote attackers to modify data...

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Oracle Application Testing Suite Test Manager for Web Apps Component (CNVD-2016-00670)

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Oracle Application Testing Suite Test Manager for Web Apps component of Oracle Enterprise Manager Grid Control allows remote attackers to exploit the vulnerability to...

Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering Component (CNVD-2016-00598)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Overview Page/Report Rendering component, which could be exploited by remote attackers to submit a special reques...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Customer Interaction History User GUI Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Customer Interaction History User GUI component of Oracle E-Business Suite, which allows remote attackers to exploit the vulnerability by submitting special...

Oracle Supply Chain Configurator Agile Engineering Data Management Web Client Component Data Modification Vulnerability

Oracle Supply Chain Products Suite is a suite of supply chain solutions that provides value chain planning, value chain execution, and product lifecycle management. An unspecified vulnerability exists in the Oracle Supply Chain Agile Engineering Data Management Web Client component, which allows...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Field Service Field Service Map Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Field Service Field Service Map component, which allows remote attackers to exploit the vulnerability to submit a special request to modi...

IBM WebSphere Application Server Multiple Vulnerabilities (487947)

IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Multiple SQL Injection Vulnerabilities in TheHostingTool

TheHostingTool is a set of open source free PHP-based hosting applications. TheHostingTool suffers from multiple SQL injection vulnerabilities. An attacker could exploit the vulnerabilities to crisis the application, access or modify data, or exploit potential security holes underlying the databa...

IBM WebSphere Process Server and Business Process Manager Advanced Incorrect SSL/TLS Handling Vulnerability

IBM WebSphere Process Server and Business Process Manager BPM Advanced are both products of IBM Corporation, U.S.A. IBM WebSphere Process Server is a set of business process automation engines; BPM is a comprehensive business process management platform. BPM Advanced is an advanced version. A...

WordPress Plugin Pinpoint Booking System SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers running PHP and MySQL.Pinpoint Booking System is one of the plugins used to create a booking or reservation system in a WordPress site. A SQL...

WordPress Welcart plugin SQL injection vulnerability (CNVD-2015-08468)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Welcart is one of the plug-ins used to create shopping sites. A SQL injection vulnerability exists in WordPress Welcart...

Design/Logic Flaw

Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service daemon outage, obtai...

CVE-2015-1836

CVE-2015-1836 affects Apache HBase as used in IBM InfoSphere BigInsights (3.0.x). The vulnerability is a logic/ACL flaw in ZooKeeper coordination state: insecure ACL handling allows a remote attacker to read/modify data or cause a denial of service by exploiting ZooKeeper access controls. IBM’s b...

WordPress Double-Opt-in-for-Download Plugin SQL Injection Vulnerability

WordPress is a suite of blogging platforms developed using the PHP language by the WordPress Software Foundation.Double-Opt-in-for-Download is one of the plugins used to build email lists and enhance customer outreach. A SQL injection vulnerability exists in the WordPress Double-Opt-in-for-Downlo...

PT-2015-2979 · Mariadb +7 · Mariadb +7

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.46 and earlier Oracle MySQL versions 5.6.27 and earlier Oracle MySQL versions 5.7.9 and earlier MariaDB versions 5.5.47 and earlier MariaDB versions 10.0.x through 10.0.22 MariaDB versions 10.1.x through 10.1.9...

NXFilter has multiple vulnerabilities

NXFilter is a suite of DNS filtering software. NXFilter version 3.0.3 suffers from cross-site request forgery, cross-site scripting, and HTML injection vulnerabilities vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary HTML script code in the context of an affecte...

Siemens WinCC Microsoft SQL (MSSQL) Server Default Credentials (TCP/IP Listener)

The remote Microsoft SQL MSSQL Server has Siemens WinCC related default credentials set. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...