Oracle Construction and Engineering Suite Input Validation Error Vulnerability
Oracle Construction and Engineering Suite is a portfolio management solution suite product for construction projects from Oracle Corporation. A security vulnerability in Oracle Construction and Engineering Suite's Primavera Portfolio Management product could allow an unauthenticated attacker to...
Oracle Commerce Input Validation Error Vulnerability
Oracle Commerce is a set of e-business solutions from Oracle Corporation of the United States. Commerce Platform is one of its components, providing a multi-functional e-business platform. A security vulnerability in Oracle Commerce's Oracle Commerce Platform product could allow an unauthenticated...
Oracle Financial Services Applications Security Vulnerability
Oracle Financial Services Applications is a suite of financial services software, and Oracle Financial Services Analytical Applications is a financial services analytics software. Oracle Financial Services Applications is a financial services software. Analytical Applications is a financial...
Oracle Communications Applications Input Validation Error Vulnerability
Oracle Communications Applications is an advanced communications and collaboration services application from Oracle Corporation. A security vulnerability exists in the Oracle Communications Billing and Revenue Management product for Oracle Communications Applications Component: Pipeline Manager...
PT-2022-2012 · Oracle +1 · Virtualbox +1
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.32 Description: The issue allows a low-privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox, potentially impacting additional...
Oracle WebLogic Server Input Validation Error Vulnerability
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
PT-2022-6851
Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition versions 20.3.4, 21.3.0 Description: The issue allows an unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE an...
CVE-2021-39680
In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...
PUB-A-197965864
In secSHA256Transform of sha256core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...
PT-2021-6982 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to...
vivo Jovi Smart Scene Security Vulnerability
vivo Jovi Smart Scene is used by China's vivo to provide users with efficient, interactive and decision-making personalized services. vivo Jovi Smart Scene suffers from a security vulnerability that allows an attacker to access sensitive information stored in the Jovi Smart Scene module by...
CVE-2021-40366
A vulnerability has been identified in Climatix POL909 AWB module All versions V11.42, Climatix POL909 AWM module All versions V11.34. The web server of affected devices transmits data without TLS encryption. This could allow an unauthenticated remote attacker in a man-in-the-middle position to...
SAP ERP HCM Security Vulnerability
SAP ERP HCM is an enterprise human resource management solution from SAP, Germany. A security vulnerability exists in SAP ERP HCM that stems from the fact that SAP ERP HCM Portugal does not perform the necessary authorization checks on reports that read employee payroll data for a specific region...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
CVE-2021-38451 AUVESY Versiondog
The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitization on the value of the offset, which allows the client to specify any offset and read out-of-bounds data...
CVE-2021-35649
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Server. The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Deskto...
AZL-6717 CVE-2021-35625 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
AZL-6715 CVE-2021-35623 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2021-35616
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: UI Infrastructure. The supported version that is affected is 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation...