60 matches found
CVE-2018-2853
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications subcomponent: Operations, Client Application Loader. Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network acces...
CVE-2018-2788
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Fluid Core. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
Siemens SIMATIC WinCC OA UI for Android and iOS Access Bypass Vulnerability
Siemens SIMATIC WinCC OA UI for Android and iOS are both products of Siemens, Germany. Siemens SIMATIC WinCC OA UI for Android is a set of control interfaces for SCADA systems based on the Android platform. SIMATIC WinCC OA UI for iOS is its iOS-based version. A security vulnerability exists in...
CVE-2018-2722
Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2018-2691
Vulnerability in the Oracle User Management component of Oracle E-Business Suite subcomponent: Proxy User Delegation. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-2730
Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Cross Pillar. The supported version that is affected is 16.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail...
CVE-2017-10304
Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products subcomponent: Security. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM...
Oracle Siebel CRM Siebel UI Framework Component Unauthorized Operation Vulnerability (CNVD-2017-32188)
Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions , which includes sales management , marketing management , customer service systems , call centers and other modules.Siebel UI Framework is one of the framework components based on the...
Oracle Java SE Javadoc Subcomponent Unauthorized Operation Vulnerability
Oracle Java SE is the United States Oracle Oracle company's set of standard version of the Java platform for the development and deployment of desktop, server, and embedded devices and real-time environments in the Java application. A security vulnerability exists in the Javadoc subcomponent of t...
CVE-2017-10238
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
CVE-2017-10106
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2017-10082
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM...
CVE-2017-10047
Vulnerability in the MICROS BellaVita component of Oracle Hospitality Applications subcomponent: Interface. The supported version that is affected is 2.7.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS BellaVita. Successful...
CVE-2017-10046
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerability allows low privileged attacker with network...
Oracle PeopleSoft Enterprise PRTL Interaction Hub Remote Vulnerability
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, and more.PeopleSoft Enterprise PRTL Interaction Hub is one of the enterprise and Customer Interaction...
Siemens OZW672 and OZW772 Data Read/Write Vulnerability
Siemens OZW672 and OZW772 are both building controller products from Siemens, Germany. A data read/write vulnerability exists in the Siemens OZW672 and OZW772. An attacker can exploit the vulnerability to read and write historical measurement data under certain conditions, or read and modify data...
CVE-2017-3478
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2017-3363
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
The vulnerability of the Apache Tomcat application server allows a attacker to cause a service failure.
The vulnerability of the setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java of the Apache Tomcat application server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent access...
CVE-2007-5210
Arbor Networks Peakflow SP is affected. Infections concern remote authenticated users bypassing access restrictions to read or write unspecified data via unknown vectors, affecting releases earlier than 3.5.1 patch 14 and 3.6.x prior to 3.6.1 patch 5. Root cause details are not fully disclosed in...