The vulnerability of the management interface for the virtual infrastructure management tool VMware vCenter Server allows a attacker to compromise the integrity, confidentiality, and accessibility of the protected information.

The vulnerability of the management interface for VMware vCenter Server’s virtual infrastructure is related to deficiencies in verifying the authenticity of certificates. Exploiting this vulnerability allows a malicious actor to compromise the integrity, confidentiality, and accessibility of the...

The vulnerability of the SDL_GetRGB function in the Simple DirectMedia Layer library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SDLGetRGB function in the Simple DirectMediaLayer library is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of Google Chrome’s Payments component allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Google Chrome’s Payments component is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the VeloCloud Orchestrator component of the VMware SD-WAN programmable network management platform lies in the lack of security measures for the SQL query structure. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the VeloCloud Orchestrator component of the VMware SD-WAN programmable network management platform relates to the lack of security measures for the SQL query structure. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and...

jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

GHSA-H2JV-5V3F-7M7J Downloads Resources over HTTP in adamvr-geoip-lite

Affected versions of adamvr-geoip-lite insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This could impact the integrity and availability of the data being used to make geolocation decisions b...

The vulnerability of the Installation component of the Oracle Hospitality Reporting and Analytics software platform, related to insufficient validation of input data, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Oracle Hospitality Reporting and Analytics software installation component is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

The vulnerability of the WebGUI component of the Oracle Enterprise Communications Broker allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the WebGUI component of the Oracle Enterprise Communications Broker relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the mod_rewrite function in the Apache Tomcat application server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the modrewrite function in the Apache Tomcat application server is related to the redirection of URLs to insecure websites. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-43710)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An unspecified vulnerability exists in Oracle MySQL Server. An attacker could exploit this vulnerability to cause a denial of service hang or frequen...

Unspecified Vulnerability in Oracle Food and Beverage Applications Hospitality Reporting and Analytics (CNVD-2020-43691)

Oracle Food and Beverage Applications is the United States Oracle Oracle company's set of food and beverage sales management solutions. Hospitality Reporting and Analytics is one of the hotel reporting and analysis components. A security vulnerability exists in Oracle Food and Beverage Applicatio...

Unspecified Vulnerability in Oracle Hospitality Reporting and Analytics (CNVD-2020-43748)

Oracle Food and Beverage Applications is the United States Oracle Oracle company's set of food and beverage sales management solutions. Hospitality Reporting and Analytics is one of the hotel reporting and analysis components. A security vulnerability exists in Oracle Hospitality Reporting and...

Unspecified Vulnerability in Oracle GraalVM Enterprise Edition Java Component

Oracle GraalVM is the United States Oracle Oracle company's set of instant compiler written in the Java language. The product supports a variety of programming languages and execution modes.GraalVM Enterprise Edition is the enterprise version of GraalVM. A security vulnerability exists in the...

Unspecified Vulnerability in Oracle GraalVM Enterprise Edition JVMCI Component

Oracle GraalVM is the United States Oracle Oracle company's set of instant compiler written in the Java language. The product supports a variety of programming languages and execution modes.GraalVM Enterprise Edition is the enterprise version of GraalVM. A security hole exists in the Oracle Graal...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-41754)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server 8.0.20 and prior versions of Server: Security: Privileges component of Oracle MySQL. An attacker...

Unspecified Vulnerability in Oracle Solaris (CNVD-2020-40806)

Oracle Solaris is a UNIX operating system from Oracle. An unspecified vulnerability exists in Oracle Solaris. An attacker could exploit this vulnerability to compromise Oracle Solaris, affecting the availability, confidentiality, and integrity of data...

Unspecified Vulnerability in Oracle Solaris (CNVD-2020-40805)

Oracle Solaris is a UNIX operating system from Oracle. An unspecified vulnerability exists in Oracle Solaris. An attacker could exploit this vulnerability to cause a denial of service hangs or frequent crashes that could impact data availability...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2020-40801)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2020-40800)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...