CVE-2022-21532

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...

CVE-2022-21544

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTT...

CVE-2022-21523

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: BI Publisher Security. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI...

CVE-2022-21520

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2022-21523

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: BI Publisher Security. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI...

CVE-2022-21518

Vulnerability in the Oracle Health Sciences Data Management Workbench product of Oracle Health Sciences Applications component: User Interface. Supported versions that are affected are 2.4.8.7 and 2.5.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2022-21428

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTT...

CVE-2022-21428

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTT...

CVE-2022-21429

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

Buffer overflow

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2022-21532

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...

CVE-2022-21520

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

Oracle Fusion Middleware 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle USA. The platform provides middleware, software collections, and other capabilities. An input validation error vulnerability exists in Oracle Fusion...

Oracle FLEXCUBE Universal Banking 输入验证错误漏洞

Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...

Oracle FLEXCUBE Universal Banking 输入验证错误漏洞

Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The products include core banking, online banking and property management, etc. FLEXCUBE Universal Banking is one of the Internet and mobile banking solution components. An input validation error...

Oracle JD Edwards Products 输入验证错误漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products provide financial management, project management and asset lifecycle management application modules. An input validation error vulnerability exists in JD Edwards...

CVE-2022-21500

Vulnerability in Oracle E-Business Suite component: Manage Proxies. The supported version that is affected is 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can...

Improper Input Validation in Jenkins

The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, , supports form validation e.g. for API keys. The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations o...

PT-2022-2829 · Sonicwall · Sonicwall Sma1000

Name of the Vulnerable Software and Affected Versions: SonicWall SMA1000 series firmware versions prior to 12.4.1-02965 Description: The issue is related to insufficient access control in the firmware of SonicWall SMA 1000 series firewalls. This can allow a remote attacker to gain unauthorized...