1370 matches found
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.
The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...
QEMU 访问控制错误漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU suffers from an Access Control Error vulnerability that can be exploited by an attacker to bypass access restrictions via virtiofsd in ord...
CVE-2021-2123
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
CVE-2021-2110
Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications component: Letters. The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the...
CVE-2021-2069
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...
CVE-2021-2043
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2021-2004
Vulnerability in the Siebel Core - Server BizLogic Script product of Oracle Siebel CRM component: Integration - Scripting. Supported versions that are affected are 20.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Co...
CVE-2021-1996
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic...
UBUNTU-CVE-2021-2125
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
UBUNTU-CVE-2021-2123
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
Oracle JD Edwards 组件安全漏洞
Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation that provides application modules for financial management, project management, and asset lifecycle management. An information disclosure vulnerability exists in the E1...
CVE-2020-8274
Citrix Secure Mail for Android before 20.11.0 suffers from Improper Control of Generation of Code 'Code Injection' by allowing unauthenticated access to read data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to...
nodejs 环境问题漏洞
Nodejs Core is a core module compiled into Nodejs from the OpenJS Foundation. This module for Nodejs provides the underlying TCP, HTTP, DNS, file system, subprocesses and other functionality support. A security vulnerability exists in Node Core that can be exploited by an attacker to bypass acces...
CVE-2020-24673
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database such as shutdown the DBMS, recover the content of a given file present on the DBMS file...
PT-2023-3325 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected...
Apple macOS Catalina File Access Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Catalina versions prior to 10.15.7 that enables malicious applications to read sensitive location information. No details of the vulnerability are...
OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2020-59223)
Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the Query component in Oracle PeopleSoft Enterprise PeopleTools 8.56, 8.57, and 8.58. An attacker coul...