Lucene search
K

1370 matches found

BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.3 views

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

9.4CVSS7.8AI score0.01511EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.4 views

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/01/22 12:0 a.m.5 views

QEMU 访问控制错误漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an Access Control Error vulnerability that can be exploited by an attacker to bypass access restrictions via virtiofsd in ord...

8.2CVSS7.1AI score0.00522EPSS
Exploits1References20
OSV
OSV
added 2021/01/20 3:15 p.m.2 views

CVE-2021-2123

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

3.2CVSS6.1AI score0.00504EPSS
Exploits0References2
OSV
OSV
added 2021/01/20 3:15 p.m.6 views

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

5.4CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.3 views

CVE-2021-2110

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications component: Letters. The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the...

5CVSS6.7AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.3 views

CVE-2021-2069

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

8.6CVSS5.8AI score0.01355EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2043

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

6.1CVSS6.8AI score0.00972EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2004

Vulnerability in the Siebel Core - Server BizLogic Script product of Oracle Siebel CRM component: Integration - Scripting. Supported versions that are affected are 20.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Co...

4.3CVSS6.6AI score0.00956EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.2 views

CVE-2021-1996

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic...

2.4CVSS7.3AI score0.0126EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 3:15 p.m.2 views

UBUNTU-CVE-2021-2125

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

4.6CVSS5.8AI score0.00456EPSS
Exploits0References3
OSV
OSV
added 2021/01/20 3:15 p.m.1 views

UBUNTU-CVE-2021-2123

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

3.2CVSS5.8AI score0.00504EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/19 12:0 a.m.6 views

Oracle JD Edwards 组件安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation that provides application modules for financial management, project management, and asset lifecycle management. An information disclosure vulnerability exists in the E1...

5.8CVSS6.8AI score0.01361EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/01/06 8:59 p.m.27 views

CVE-2020-8274

Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code 'Code Injection' by allowing unauthenticated access to read data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to...

6.8AI score0.02037EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/05 12:0 a.m.4 views

nodejs 环境问题漏洞

Nodejs Core is a core module compiled into Nodejs from the OpenJS Foundation. This module for Nodejs provides the underlying TCP, HTTP, DNS, file system, subprocesses and other functionality support. A security vulnerability exists in Node Core that can be exploited by an attacker to bypass acces...

8.1CVSS6.9AI score0.16296EPSS
Exploits3References43
OSV
OSV
added 2020/12/22 10:15 p.m.2 views

CVE-2020-24673

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database such as shutdown the DBMS, recover the content of a given file present on the DBMS file...

9.8CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/11/08 12:0 a.m.7 views

PT-2023-3325 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected...

9.8CVSS6.7AI score0.49102EPSS
Exploits7References86
CNVD
CNVD
added 2020/11/04 12:0 a.m.4 views

Apple macOS Catalina File Access Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Catalina versions prior to 10.15.7 that enables malicious applications to read sensitive location information. No details of the vulnerability are...

4.3CVSS6.4AI score0.00921EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/10/27 12:44 a.m.13 views

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS7.4AI score0.02463EPSS
Exploits0References4
CNVD
CNVD
added 2020/10/26 12:0 a.m.2 views

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2020-59223)

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the Query component in Oracle PeopleSoft Enterprise PeopleTools 8.56, 8.57, and 8.58. An attacker coul...

4CVSS8.5AI score0.00956EPSS
Exploits0References1
Rows per page
Query Builder