CVE-2022-40705

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

CVE-2022-28860

An authentication downgrade in the server in Citilog 8.0 allows an attacker in a man in the middle position between the server and its smart camera Axis M1125 to achieve HTTP access to the camera...

Authentication flaw

An authentication downgrade in the server in Citilog 8.0 allows an attacker in a man in the middle position between the server and its smart camera Axis M1125 to achieve HTTP access to the camera...

CVE-2022-28860

An authentication downgrade in the server in Citilog 8.0 allows an attacker in a man in the middle position between the server and its smart camera Axis M1125 to achieve HTTP access to the camera...

CVE-2022-28860

The CVE-2022-28860 entry describes an authentication downgrade in the Citilog 8.0 server when communicating with the Axis M1125 smart camera, allowing an attacker in a man‑in‑the‑middle position to gain HTTP access to the camera. Affected component: Citilog 8.0 server; vulnerable path involves th...

CVE-2022-21586

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21586

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21585

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21584

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

CVE-2022-21580

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 2.9.0.0.0, 2.9.0.1.0, 3.0.0.0.0-3.2.0.0.0 and 4.0.0.0.0. Difficult to exploit vulnerability allows lo...

CVE-2022-21582

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21583

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21572

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2022-21576

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HT...

CVE-2022-21572

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2022-21575

Vulnerability in the Oracle WebCenter Sites Support Tools product of Oracle Fusion Middleware component: User Interface. The supported version that is affected is Prior to 4.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

CVE-2022-21581

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21576

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HT...

CVE-2022-21561

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...