CVE-2022-21446

Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks of this...

CVE-2022-21411

Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

CVE-2022-21419

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. Supported versions that are affected are 5.5.0.0.0 and 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2022-21419

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. Supported versions that are affected are 5.5.0.0.0 and 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

UBUNTU-CVE-2022-21479

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

UBUNTU-CVE-2022-21484

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

UBUNTU-CVE-2022-21486

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

Oracle MySQL 缓冲区错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and MySQL Connectors is one of the drivers that connects to applications that use MySQL. The vulnerability allows a highly privileged attacker to...

Oracle MySQL 输入验证错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Server is one of the database server components.MySQL Connectors is one of the drivers for connecting applications that use MySQL. An input validation error vulnerability exists in Oracle MySQL that...

Oracle PeopleSoft Products产品输入验证错误漏洞

Oracle PeopleSoft Products is a set of enterprise human capital management solutions from Oracle Oracle. The product provides human capital management, financial management, supplier relationship management and other functions. An Access Control Error vulnerability exists in Oracle PeopleSoft...

CVE-2022-1383 Heap-based Buffer Overflow in radareorg/radare2

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...

The vulnerability of the Mediation Engine component of the Oracle Communications Operations Monitor system allows a perpetrator to gain access to data reading or modify data.

The vulnerability of the Mediation Engine component of the Oracle Communications Operations Monitor visualization and monitoring system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data o...

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to read data.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data through network packets...

The vulnerability of the Mediation Engine component of the Oracle Communications Operations Monitor system allows a perpetrator to gain access to data reading or modify data.

The vulnerability of the Mediation Engine component of the Oracle Communications Operations Monitor visualization and monitoring system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data...

Input validation

In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289...

CVE-2022-20079

In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289...

The vulnerability of the Samples component of the Oracle WebLogic Server application server allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Samples component of the Oracle WebLogic Server application server exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read data or modify data through HTTP requests...

The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to read, modify, or delete data, or to cause a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data, or to cause service failures using...

CVE-2022-26986

SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...

ALF-BanCo 信任管理问题漏洞

ALF-BanCo is a home banking software from the German company ALF-BanCo. It can manage various bank accounts, Paypal accounts and many credit cards. A trust management issue vulnerability exists in ALF-BanCO version v8.2.5, which originates from hard-coding passwords to encrypt SQLite databases...