112 matches found
Design/Logic Flaw
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Authentication Engine. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager...
CVE-2022-20744
CVE-2022-20744 affects Cisco Firepower Management Center (FMC). The issue is an input protection mechanism that relies on a specific input’s existence/value, allowing an authenticated, remote attacker to view data beyond their authorization by crafting requests to the affected device. Documented ...
Cisco Firepower Management Center Input Validation Error Vulnerability (CNVD-2022-43400)
Cisco Firepower Management Center FMC is a next-generation firewall management center software from Cisco, U.S.A. An input validation error vulnerability exists in Cisco Firepower Management Center, which stems from the fact that the protection mechanism relies on the presence or value of a...
CVE-2022-21382
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2022-21338
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications component: General Framework. The supported version that is affected is 3.0.2.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2022-21261
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...
CVE-2022-21255
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...
Code injection
Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows high privileged attacker with...
CVE-2021-2247
Vulnerability in the Oracle Advanced Collections product of Oracle E-Business Suite component: Admin. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanc...
CVE-2020-14797
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
Unspecified Vulnerability in Oracle Food and Beverage Applications Hospitality Reporting and Analytics
Oracle Food and Beverage Applications is the United States Oracle Oracle company's set of food and beverage sales management solutions. Hospitality Reporting and Analytics is one of the hotel reporting and analysis components. A security vulnerability exists in the Oracle Food and Beverage...
Unspecified Vulnerability in Oracle Financial Services Applications FLEXCUBE Investor Servicing (CNVD-2020-43697)
Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking and property management, etc. FLEXCUBE Investor Servicing is one of the real-time, online coverage of retail, group, investment banking comprehensive...
CVE-2020-14667
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...
Design/Logic Flaw
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors...
CVE-2020-2842
Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite component: Estimate and Actual Charges. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Depot...
CVE-2020-2813
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite component: KB Search. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Email...
CVE-2020-2793
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 8.0.6 - 8.0.9. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2020-2874
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite component: Customer Search. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Email Center. Successf...
Unspecified Vulnerability in Oracle E-Business Suite Common Applications Calendar (CNVD-2020-38207)
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. An unspecified vulnerability exists in Oracle...
CVE-2020-2612
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Enterprise Config Management. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HT...