
9454 matches found

OSV
added 2023/02/23 4:15 p.m. · 1 views

CVE-2023-0987

A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed...

5.4 CVSS · 3.8 AI score
Exploits: 0 · References: 3

Tenable Nessus
added 2023/02/23 12:0 a.m. · 38 views

Amazon Linux 2 : thunderbird (ALAS-2023-1945)

The version of thunderbird installed on the remote host is prior to 68.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1945 advisory. The Mozilla Foundation Security Advisory describes this flaw as: Due to confusion about ValueTags on JavaScript...

9.3 CVSS · 7.9 AI score · 0.01645 EPSS
Exploits: 2 · References: 12

F5 Networks
added 2023/02/21 8:1 p.m. · 113 views

K67404630: Oracle WebLogic Server vulnerabilities CVE-2018-2894 and CVE-2018-2935

Security Advisory Description CVE-2018-2894 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticat...

9.8 CVSS · 9 AI score · 0.94295 EPSS
Exploits: 7

F5 Networks
added 2023/02/21 7:59 p.m. · 47 views

K11009429: MySQL vulnerabilities CVE-2018-3170, CVE-2018-3171, CVE-2018-3173, CVE-2018-3174, and CVE-2018-3182

Security Advisory Description CVE-2018-3170 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

6.5 CVSS · 6.4 AI score · 0.0041 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 7:56 p.m. · 31 views

K98750200: Server component of Oracle MySQL vulnerabilities CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3265, and CVE-2017-3273

Security Advisory Description CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

6.5 CVSS · 6.4 AI score · 0.05375 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 7:31 p.m. · 40 views

K71231825: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2018-2776 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Group Replication GCS. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to...

6.5 CVSS · 6.1 AI score · 0.00494 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:59 p.m. · 31 views

K51433470: MySQL vulnerability CVE-2017-10424

Security Advisory Description Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL subcomponent: Monitoring: Web. Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows...

8.8 CVSS · 8.6 AI score · 0.0098 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:59 p.m. · 34 views

K42102650: MySQL vulnerability CVE-2017-10203

Security Advisory Description Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

5.3 CVSS · 4.8 AI score · 0.01706 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:54 p.m. · 31 views

K58192514: NSS vulnerability CVE-2017-7805

Security Advisory Description During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new...

7.5 CVSS · 8.1 AI score · 0.03211 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:53 p.m. · 46 views

K17386005: MySQL vulnerabilities CVE-2019-2420, CVE-2019-2434, CVE-2019-2435, CVE-2019-2436, and CVE-2019-2455

Security Advisory Description CVE-2019-2420 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network...

8.1 CVSS · 6.4 AI score · 0.02601 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:48 p.m. · 31 views

K23205024: MySQL Server Optimizer vulnerability CVE-2022-21438

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

4.9 CVSS · 5.1 AI score · 0.00351 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:47 p.m. · 57 views

K05441360: Oracle Java SE vulnerability CVE-2018-2797

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...

5.3 CVSS · 4.3 AI score · 0.00147 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:34 p.m. · 38 views

K09405555: MySQL vulnerabilities CVE-2017-10155, CVE-2017-10165, CVE-2017-10167, CVE-2017-10227, and CVE-2017-10268

Security Advisory Description CVE-2017-10155 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Pluggable Auth. Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with...

7.5 CVSS · 6.4 AI score · 0.00848 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:34 p.m. · 70 views

K15518610: Multiple OpenJDK vulnerabilities

Security Advisory Description CVE-2016-5546 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable...

9 CVSS · 8 AI score · 0.7287 EPSS
Exploits: 4

F5 Networks
added 2023/02/21 6:34 p.m. · 40 views

K52514501: MySQL vulnerabilities CVE-2019-2596, CVE-2019-2606, CVE-2019-2607, CVE-2019-2614, and CVE-2019-2617

Security Advisory Description CVE-2019-2596 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9 CVSS · 5.2 AI score · 0.00536 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:33 p.m. · 51 views

K63470526: MySQL vulnerabilities CVE-2018-3203, CVE-2018-3212, CVE-2018-3247, CVE-2018-3251, and CVE-2018-3258

Security Advisory Description CVE-2018-3203 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

8.8 CVSS · 6.7 AI score · 0.04126 EPSS
Exploits: 0

F5 Networks
added 2023/02/21 6:33 p.m. · 39 views

K41815723: Java SE vulnerability CVE-2017-10078

Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE subcomponent: Scripting. The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java S...

8.1 CVSS · 7.5 AI score · 0.01232 EPSS
Exploits: 0 · Affected Software: 1

F5 Networks
added 2023/02/21 6:26 p.m. · 61 views

K16898: PKCS #7 vulnerability CVE-2015-1790

Security Advisory Description The PKCS7_dataDecode function in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS7 blob tha...

5 CVSS · 6.7 AI score · 0.09615 EPSS
Exploits: 0 · Affected Software: 20

Amazon
added 2023/02/21 12:0 a.m. · 62 views

Important: thunderbird

Issue Overview: An out of date graphics library Angle likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird 78.9 and Firefox ESR 78.9. CVE-2021-4127 Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson...

9.8 CVSS · 9.3 AI score · 0.06199 EPSS
Exploits: 3

Positive Technologies
added 2023/02/19 12:0 a.m. · 2 views

PT-2023-16618 · Unknown · Code-Projects Pharmacy Management System

Name of the Vulnerable Software and Affected Versions: codeprojects Pharmacy Management System version 1.0 Description: A critical issue has been found in the Avatar Image Handler component of the file add.php, leading to unrestricted upload. The attack can be initiated remotely. The issue affect...

9.8 CVSS · 7.2 AI score · 0.00479 EPSS
Exploits: 0 · References: 5