1367 matches found
UBUNTU-CVE-2021-35623
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2021-35571
Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft component: Advising Notes. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2021-35545
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
Oracle Secure Global Desktop Unauthorized Access Vulnerability
Oracle Secure Global Desktop is a secure remote access solution for any cloud-hosted enterprise applications and hosted desktops running on Microsoft Windows, Linux, Oracle Solaris, and mainframe servers. oracle Secure Global Desktop Unauthorized Access Vulnerability. An attacker could use this...
Oracle Essbase 安全漏洞
Oracle Essbase is an application from Oracle Corporation Oracle. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase's Essbase Administration Services product that...
AUVESY Versiondog 缓冲区错误漏洞
An out-of-bounds read vulnerability exists in AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, which can be exploited by attackers to specify any offset and read out-of-bounds data...
PT-2021-21021 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.26 and prior Description: A vulnerability in the MySQL Server product allows a high privileged attacker with network access via multiple protocols to compromise the server. Successful attacks can result in unauthoriz...
Samsung Notes libSPenBase buffer overflow vulnerability (CNVD-2025-24720)
Samsung Notes is an application from Samsung South Korea. It is used to provide a recording function. A buffer overflow vulnerability exists in Samsung Note versions prior to 4.3.02.61, which stems from a lack of buffer bounds checking in the libSPenBase library, and can be exploited by an attack...
CVE-2021-40497
SAP BusinessObjects Analysis edition for OLAP - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its...
nodejs 环境问题漏洞
nodejs is a JavaScript runtime environment based on the ChromeV8 engine by wrapping the Chromev8 engine as well as the use of event-driven and non-blocking IO applications to make the development of high-performance backend applications in Javascript possible. Nodejs An environment issue...
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09855)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that stems from the inability of the ""tf.rawops.RaggedGather"" parameter in the software to determine a valid ragged tensor code,...
mysql: Server: GIS unspecified vulnerability (CPU Jul 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
CVE-2021-40066
The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and...
Solarwinds Orion Platform SQL注入漏洞
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and profiling of network devices and supports custom web interfaces, multiple user opinions, and map-based browsing of the entire network. The...
CVE-2021-37655
CVE-2021-37655 describes a heap-based read out of bounds in TensorFlow caused by incomplete validation when updating a resource with tf.raw_ops.ResourceScatterUpdate. The issue stems from validating the relationship between the shapes of indices and updates (only divisibility checked instead of p...
PT-2021-6423 · Mysql Server +1 · Mysql Cluster +1
Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 7.5.24 and prior MySQL Cluster versions 7.6.20 and prior MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attacker with access to the physical communication segment attached to the...
PT-2021-6430 · Oracle +1 · Mysql Cluster +1
Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 7.4.34 and prior MySQL Cluster versions 7.5.24 and prior MySQL Cluster versions 7.6.20 and prior MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attacker with access to the physic...
PT-2021-6426 · Oracle +1 · Mysql Cluster +1
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Cluster versions 7.4.34 and prior Oracle MySQL Cluster versions 7.5.24 and prior Oracle MySQL Cluster versions 7.6.20 and prior Oracle MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attack...
CVE-2021-2401
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: E-Business Suite - XDO. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...
CVE-2021-2373
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...