1367 matches found
Avaya Callback Assist 代码问题漏洞
Avaya Callback Assist is a software application from Avaya, USA. With Avaya Callback Assist, contact centers can offer callback options to callers during peak call periods when estimated wait times are highest A code issue vulnerability exists in Callback Assist includes 4.0.x Series 4.7.1.1 prio...
CVE-2021-2315
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2021-2240
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2021-2140
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Rules Framework. Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2021-2159
Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Frameworks. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...
Oracle PeopleSoft Enterprise CS Campus Community Frameworks 安全漏洞
Oracle PeopleSoft Products is a set of enterprise human capital management solutions from Oracle Oracle. The products provide human capital management, financial management, supplier relationship management, and other capabilities. A security vulnerability exists in PeopleSoft Enterprise CS Campu...
CVE-2021-27601
SAP NetWeaver AS Java Applications based on HTMLB for Java allows a basic-level authorized attacker to store a malicious file on the server. When a victim tries to open this file, it results in a Cross-Site Scripting XSS vulnerability and the attacker can read and modify data. However, the attack...
CVE-2020-10582
A SQL injection on the /admin/displayerrors.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to execute arbitrary SQL requests including data reading and modification on the database...
Weseek GROWI 安全漏洞
GROWI is a team collaboration software. An access control error vulnerability exists in WESEEK GROWI 4.2.2 and earlier versions, which can be exploited by a remote, unauthenticated attacker to read a user's personal information and/or internal server information...
DELL EMC PowerScale 访问控制错误漏洞
Dell EMC PowerScale OneFS is an API-powered file system. An elevation of privilege vulnerability exists in Dell EMC PowerScale OneFS 8.2.0 - 9.1.0. An attacker with the ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges could exploit this vulnerability to read arbitrary data, tamper with system...
GNU Binutils 后置链接漏洞
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. An...
DEBIAN-CVE-2020-29582
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
Code injection
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
CVE-2020-29582
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...
The vulnerability of the InnoDB component of the MySQL Database Server allows a hacker to gain access to data for reading or to gain privileged access to the infrastructure.
The vulnerability of the InnoDB component in the MySQL Database Management System exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read access to data or gain privileged access to the infrastructure...
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...
QEMU 访问控制错误漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an Access Control Error vulnerability that can be exploited by an attacker to bypass access restrictions via virtiofsd in ord...