
1047 matches found

NVD
added 2021/06/16 10:15 p.m., 30 views

CVE-2021-32691

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc.). This includes all app functionality within t...

9.8 CVSS, 0.01458 EPSS
Exploits: 0, References: 3
OSV
added 2021/06/16 10:15 p.m., 13 views

CVE-2021-32691

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc.). This includes all app functionality within t...

9.8 CVSS, 6.3 AI score
Exploits: 0, References: 3
Prion
added 2021/06/16 10:15 p.m., 12 views

Information disclosure

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc.). This includes all app functionality within t...

7.5 CVSS, 9.2 AI score, 0.01458 EPSS
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2021/06/16 9:45 p.m., 71 views

CVE-2021-32691

CVE-2021-32691 affects Apollos Apps prior to v2.20.0, where new user registrations can access anyone’s account using only basic profile information (name, birthday, gender, etc.). This grants access to all app functionality and Rock-based links (e.g., giving, events). A patch exists in v2.20.0. A...

9.8 CVSS, 9 AI score, 0.01458 EPSS
Exploits: 0, References: 3, Affected Software: 1
Qualys Blog
added 2021/05/25 2:31 p.m., 39 views

Monitor Windows Registry Changes with Qualys File Integrity Monitoring

With Windows registries storing a large number of programs and OS security settings and a large amount of raw data, threat actors have begun to use those registries as a data store for their malicious activity. It is therefore imperative for organizations to monitor changes in Windows registries ...

0.3 AI score
Exploits: 0
BDU FSTEC
added 2021/05/05 12:0 a.m., 4 views

The vulnerability of the Data Source component of the Oracle CRM Technical Foundation system, which allows a malicious actor to gain unauthorized access to the device and disclose protected information.

The vulnerability of the Data Source component in the Oracle CRM Technical Foundation system relates to code errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device and disclose sensitive information through HTTP requests...

8.5 CVSS, 6.8 AI score, 0.00931 EPSS
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2021/05/04 5:43 p.m., 15 views

GHSA-58QP-5328-V7MH cumulative-distribution-function Infinite Loop vulnerability

Impact: Apps using this library on improper data may crash or go into an infinite loop. In the case of a nodejs server-app using this library to act on invalid non-numeric data, the nodejs server may crash. This may affect other users of this server and/or require the server to be rebooted for prop...

7.5 CVSS, 7.5 AI score, 0.01979 EPSS
Exploits: 1, References: 5
Veracode
added 2021/04/29 11:21 a.m., 28 views

Authorization Bypass

grafana is vulnerable to authorization bypass. A dashboard editor is able to bypass a permission check concerning a restricted data source...

7.1 CVSS, 3 AI score, 0.02068 EPSS
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2021/04/22 10:15 p.m., 15 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS, 0.00931 EPSS
Exploits: 0, References: 1
Prion
added 2021/04/22 10:15 p.m., 16 views

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

5.5 CVSS, 8 AI score, 0.00931 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2021/04/22 9:53 p.m., 20 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS, 8.2 AI score, 0.00931 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2021/04/22 9:53 p.m., 8 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS, 6.9 AI score, 0.00931 EPSS
Exploits: 0, References: 1
CNNVD
added 2021/04/20 12:0 a.m., 2 views

Oracle E-Business Suite Security Vulnerability

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

8.1 CVSS, 7 AI score, 0.00987 EPSS
Exploits: 0, References: 3
CNNVD
added 2021/04/20 12:0 a.m., 3 views

Oracle CRM Technical Foundation Security Vulnerability

Oracle E-Business Suite is a seamlessly integrated management suite that extends the original Application ERP with a collection of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and so on. Oracle...

8.1 CVSS, 5.8 AI score, 0.00931 EPSS
Exploits: 0, References: 3
Prion
added 2021/03/22 2:15 p.m., 16 views

Design/Logic Flaw

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

4.9 CVSS, 6.7 AI score, 0.02068 EPSS
Exploits: 0, References: 6, Affected Software: 1
CVE
added 2021/03/22 1:55 p.m., 209 views

CVE-2021-27962

CVE-2021-27962 affects Grafana Enterprise 7.2.x and 7.3.x (before 7.3.10) and 7.4.x (before 7.4.5). The vulnerability allows a dashboard editor to bypass a permission check on a data source they should not access. This is a permission‑level bypass in the data source access path. The CVSS metrics ...

7.1 CVSS, 6.8 AI score, 0.02068 EPSS
Exploits: 0, References: 6, Affected Software: 1
AlpineLinux
added 2021/03/22 1:55 p.m., 42 views

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

7.1 CVSS, 7.1 AI score, 0.02068 EPSS
Exploits: 0
Cvelist
added 2021/03/22 1:55 p.m., 36 views

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

7.2 AI score, 0.02068 EPSS
Exploits: 0, References: 6
RedhatCVE
added 2021/03/18 6:30 p.m., 34 views

CVE-2021-27962

A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality. Mitigation: If you are using the Enterprise version of Grafana, you ca...

7.1 CVSS, 2.4 AI score, 0.02068 EPSS
Exploits: 0, References: 4
CNNVD
added 2021/03/18 12:0 a.m., 3 views

Grafana Labs Grafana Enterprise Security Vulnerability

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise that stems from a user with the...

7.1 CVSS, 7.1 AI score, 0.02068 EPSS
Exploits: 0, References: 9