CVE-2023-21921

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

UBUNTU-CVE-2023-21971

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

Oracle JD Edwards Products 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products offer application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD Edward...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A security vulnerability exists in Autodesk AutoCAD version 2023, which originates from a maliciously crafted XB file that can be used to write to an unallocated buffer, resulting in a stack...

Siemens SCALANCE 加密问题漏洞

Siemens SCALANCE is a series of Ethernet switches from Siemens, Germany. It connects to Industrial Control System ICS devices, including Programmable Logic Controllers PLCs and Human Machine Interface HMI systems. A vulnerability exists in Siemens SCALANCE due to an encryption issue, which arises...

CVE-2022-48348

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity...

CVE-2022-48348

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity...

Design/Logic Flaw

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity...

CVE-2022-48348

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity...

PT-2023-9678 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to the use of an uninitialized resource in the msdosfs driver of the FreeBSD operating system. Exploitation of this issue may allow an attacker to read data from remote...

PT-2023-15724 · Unknown · Mediaprovider

Name of the Vulnerable Software and Affected Versions: MediaProvider affected versions not specified Description: The issue affects the confidentiality and integrity of data due to a vulnerability in the MediaProvider module that allows unauthorized data read. Recommendations: At the moment, ther...

CVE-2022-48348

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity...

CVE-2022-48348

The CVE-2022-48348 entries describe a vulnerability in the MediaProvider module that permits unauthorized data read, raising confidentiality and integrity concerns. The exposed details indicate the issue affects the MediaProvider component (in the context of HarmonyOS-related references) and coul...

CVE-2023-1256

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states...

CVE-2023-1256

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states...

Authorization

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states...

CVE-2023-1256 CVE-2023-1256

The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper authorization exploit which could allow an unauthenticated user to remotely read data, cause denial of service, and tamper with alarm states...

AVEVA Plant SCADA Access Anywhere 授权问题漏洞

AVEVA Plant SCADA Access Anywhere is a reliable, flexible and high-performance Supervisory Control and Data Acquisition SCADA software solution for industrial process customers from AVEVA. The true value and power of Plant SCADA can be accessed in any compatible web browser. An authorization issu...

PT-2023-20650 · Sap · Sap Content Server

Name of the Vulnerable Software and Affected Versions: SAP Content Server version 7.53 Description: The issue results from insufficient encoding of user-controlled inputs, leading to a Cross-Site Scripting XSS vulnerability. After successful exploitation, an attacker can read and modify some...

SUSE CVE-2005-0400

The ext2makeempty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block...