Opportunistic Exploitation of WSO2 CVE-2022-29464

On April 18, 2022, MITRE published CVE-2022-29464 , an unrestricted file upload vulnerability affecting various WSO2 products. WSO2 followed with a security advisory explaining the vulnerability allowed unauthenticated and remote attackers to execute arbitrary code in the following products: API...

Unspecified Vulnerability in Oracle Fusion Middleware and Oracle Business Intelligence Enterprise Edition (CNVD-2022-33106)

Oracle Fusion Middleware and Oracle Business Intelligence Enterprise Edition are both products of Oracle Corporation.Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments. Oracle Fusion Middleware is a business innovation platform for enterpris...

CVE-2022-21492

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2022-21481

Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft component: Financial Gateway. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2022-21475

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking...

CVE-2022-21474

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21473

Vulnerability in the Oracle Banking Treasury Management product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2022-21472

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2022-21473

Vulnerability in the Oracle Banking Treasury Management product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2022-21448

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CVE-2022-21421

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Web General. Supported versions that are affected are 5.5.0.0.0, 5.9.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker wit...

CVE-2022-21474

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...

CVE-2022-21473

Vulnerability in the Oracle Banking Treasury Management product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications and Oracle Banking Payments are both products of Oracle Corporation Oracle.Oracle Financial Services Applications is a suite of financial services software. The product includes core banking, online banking and property management, etc. Oracle Banking Paymen...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The products include core banking, online banking, and estate management.FLEXCUBE Universal Banking is one of the Internet and mobile banking solution components. A security vulnerability exists in...

CVE-2022-24595

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP or WebSocket request to the socket listened by the afb-daemon process. No...

Exploit for Authentication Bypass by Capture-replay in Dingtian-Tech Dt-R004_Firmware

CVE-2022-29593 - Authentication Bypass by Capture Replay Ding...

CVE-2022-21396

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications component: Mediation Engine. Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...