CVE-2019-3822

CVE-2019-3822 affects libcurl 7.36.0 through before 7.64.0. The vulnerability is a stack-based buffer overflow in the NTLM header creation path: Curl_auth_create_ntlm_type3_message() uses unsigned arithmetic to guard a local buffer, but the check is insufficient, allowing the output data to excee...

The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.

The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protocol...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...

The vulnerability of the WLS Core Components of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the WLS Core Components component of the Oracle WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data or cause service failures...

The vulnerability of the Core Components of the identity management application for Oracle Identity Analytics allows a perpetrator to gain unauthorized access to data.

The vulnerability of the Core Components of the Oracle Identity Analytics application management application is related to lack of access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to data using the HTTP protocol...

web.config File Information Disclosure

An information disclosure vulnerability exists in the remote web server due to the disclosure of the web.config file. An unauthenticated, remote attacker can exploit this, via a simple GET request, to disclose potentially sensitive configuration information. C Tenable Network Security, Inc...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...

The vulnerability of the Oracle Application Testing Suite’s Load Testing for Web Apps component within the Oracle Enterprise Manager software platform allows a malicious actor to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Oracle Application Testing Suite’s Load Testing for Web Apps component is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures using the HTTP protocol...

The vulnerability of the Security component in the microprogramming software of Oracle Communications Diameter Signaling Router allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Security component in Oracle Communications Diameter Signaling Router software is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures using the HTTP...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...

The vulnerability of the SQR component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.

The vulnerability of the SQR component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using the HTTP protocol...

The vulnerability of the Administration component of the Oracle GlassFish Server allows a attacker to cause a service failure.

The vulnerability of the Administration component of Oracle GlassFish Server is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the HTTP protocol...

The vulnerability of the XML Publisher component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.

The vulnerability of the XML Publisher component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application using the HTTP protocol...

The vulnerability of the User Interface sub-component of the Oracle Marketing component in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Marketing component in the Oracle E-Business Suite is related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

The vulnerability of the “Outside In” component in Oracle’s software development kit (SDK) allows a hacker to trigger a service failure.

The vulnerability of the Outside component in Oracle’s software development kit SDK is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to cause a service failure using the HTTP protocol...

The vulnerability of the Oracle Applications Manager component of the Oracle E-Business Suite, a business automation system that allows attackers to modify, add, or delete data.

The vulnerability of the Oracle Applications Manager component in the Oracle E-Business Suite automation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP...

The vulnerability of the User Interface sub-component of the Oracle Trade Management component in the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data...

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications software package allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data usin...

The vulnerability of the “Outside In” component in Oracle’s software development kit (SDK) allows a hacker to trigger a service failure.

The vulnerability of the Outside component in Oracle’s software development kit SDK is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to cause a service failure using the HTTP protocol...

The vulnerability of the Partner Dashboard sub-component of the Oracle Partner Management component in the Oracle E-Business Suite allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Partner Dashboard sub-component of the Oracle Partner Management component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to modify, add, or delete data using th...