The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to create, delete, or alter access to critical data, gain read-only access to data, or cause partial service disruption.

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to create, delete, or alter access to critical data, gain read-only access to data, or cause a...

CVE-2022-21572

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2022-21527

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

UBUNTU-CVE-2022-21528

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Oracle FLEXCUBE Universal Banking 输入验证错误漏洞

Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking, and property management. An input validation error vulnerability exists in Oracle Banking Trade Finance component: Infrastructure version 14.5, whic...

The vulnerability of the Commerce Service Center component in the Oracle Commerce Service Center platform for electronic commerce allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Commerce Service Center component in the Oracle Commerce Service Center platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete data...

CVE-2022-29518

Screen Creator Advance2, HMI GC-A2 series, and Real time remote monitoring and control tool Screen Creator Advance2 versions prior to Ver.0.1.1.3 Build01, HMI GC-A2 seriesGC-A22W-CW, GC-A24W-CW, GC-A26W-CW, GC-A24, GC-A24-M, GC-A25, GC-A26, and GC-A26-J2, and Real time remote monitoring and contr...

CVE-2022-1300

Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service...

CVE-2022-1300

Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service...

TRUMPF TruTops访问控制错误漏洞

TRUMPF TruTops is TRUMPF's unique software for 2D/3D design and programming of laser, stamping and bending machines. An Access Control Error vulnerability exists in several TRUMPF TruTops products and stems from the application not performing required authentication for certain service functions...

OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

CVE-2022-26672

ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote attacker can use this token to establish connections with the server and carry out login attempts to general user accounts. A successful login to a general user account allows the attacker to access, modif...

MingSoft MCMS 跨站请求伪造漏洞

MingSoft MCMS is a complete open source J2ee system from MingSoft. A cross-site request forgery vulnerability exists in MingSoft MCMS v5.2.7, which stems from a lack of cross-site request forgery filtering in the file /role/saveOrUpdateRole.do. An attacker can exploit this vulnerability to elevat...

CVE-2022-21480

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: User Interface. Supported versions that are affected are 6.4.3 and 6.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Transportati...

CVE-2022-1329

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the /core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files...

UBUNTU-CVE-2022-21440

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The products include core banking, online banking, and estate management.FLEXCUBE Universal Banking is one of the Internet and mobile banking solution components. A security vulnerability exists in...

Oracle Java SE 输入验证错误漏洞

Oracle Java SE, an Oracle company, is used to develop and deploy Java applications on desktops, servers, and embedded devices and live environments.Oracle Java SE is vulnerable to an input validation error that could be exploited by an attacker to cause unauthorized creation, deletion, or...

CVE-2022-26065

Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in GetLatestDemandNode. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...