CVE-2023-46324

pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...

CVE-2023-21861

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2023-1038

A vulnerability classified as critical has been found in SourceCodester Online Reviewer Management System 1.0. Affected is an unknown function of the file /reviewer0/admins/assessments/pretest/questions-view.php. The manipulation of the argument id leads to sql injection. It is possible to launch...

CVE-2023-1442

A vulnerability was found in Meizhou Qingyunke QYKCMS 4.3.0. It has been classified as problematic. This affects an unknown part of the file /adminsystem/api.php of the component Update Handler. The manipulation of the argument downurl leads to unrestricted upload. It is possible to initiate the...

PT-2025-22717 · Intellian · Intellian C700

Name of the Vulnerable Software and Affected Versions: Intellian C700 affected versions not specified Description: The issue concerns the Intellian C700 web panel, specifically with the addition of firewall rules. Each rule has an associated ID, but a discrepancy can occur between the ID used for...

CVE-2022-21597

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaScript. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

CVE-2022-21345

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Security. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2021-23983

By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 87...

CVE-2021-2085

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CR...

CVE-2021-2318

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2021-21859

An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open a video to trigger...

CVE-2020-14795

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2020-14736

Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Public Synonym privilege with network access via Oracle Net to compromi...

CVE-2020-14629

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle...

CVE-2018-4008

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

CVE-2019-5322

A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007 and 16.10. before 16.10.0003...

CVE-2019-2703

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2019-5158

An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware versio...

CVE-2019-5161

An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges...

CVE-2019-18960

Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes...