CVE-2022-39403

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell...

CVE-2022-21639

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search Integration. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2022-21610

Vulnerability in the Oracle Solaris product of Oracle Systems component: LDoms. The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

CVE-2022-21602

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2022-21601

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Connection Manager. Supported versions that are affected are 12.0.0.4.0-12.0.0.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

CVE-2022-21601

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Connection Manager. Supported versions that are affected are 12.0.0.4.0-12.0.0.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

PT-2022-24966 · Oracle · Oracle Database Server +1

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c through 21c Description: The issue affects the Java VM component, allowing a low-privileged attacker with Create Procedure privilege and network access via Oracle Net to compromise the Java VM. This can...

Oracle JD Edwards EnterpriseOne Tools 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products offer application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD Edward...

Oracle GraalVM 安全漏洞

Oracle GraalVM is the United States Oracle Oracle company's set of instant compilers written in the Java language. The product supports multiple programming languages and execution modes. A security vulnerability exists in Oracle GraalVM Enterprise Edition versions 20.3.7, 21.3.3, and 22.2.0. An...

CVE-2022-41581

The HWKEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...

CVE-2022-41580

The HWKEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...

The vulnerability of the file collection function of the Business Analytics platform Smart eVision allows a hacker to bypass security restrictions and gain access to read, modify, or delete data.

The vulnerability of the Smart eVision business intelligence platform’s file retrieval function is related to an incorrect restriction on the path name when accessing restricted catalogs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain access to rea...

The vulnerability of the ValueStack interface implementation in the Apache Struts software platform allows a attacker to gain access to read, modify, or delete data.

The vulnerability of the ValueStack interface implementation in the Apache Struts software platform is related to insufficient validation of input data when processing objects with the top parameter. Exploiting this vulnerability can allow an attacker to gain read, modify, or delete access to dat...

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to gain read access to data and modify it.

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protoco...

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to gain read access to data and modify it.

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protoco...

LibTIFF 安全漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for working with TIFF files.A security vulnerability exists in LibTIFF, which stems from a heap buffer overflow flaw found in the TIFFReadRawDataStriped function o...

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

The vulnerability of the Candidate Self Service Registration component of the Oracle iRecruitment software platform allows a perpetrator to gain access to read data.

The vulnerability of the Candidate Self Service Registration component in the Oracle iRecruitment software platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to and read data through HTTP requests...