133 matches found
CVE-2024-21246
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware component: OSB Core Functionality. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Service Bus...
PT-2024-7154 · Oracle · Oracle Hyperion
Name of the Vulnerable Software and Affected Versions: Oracle Hyperion BI+ version 11.2.18.0.000 Description: The issue is related to insufficient input validation in the UI and Visualization component of Oracle Hyperion BI+. It allows a low-privileged attacker to compromise Oracle Hyperion BI+ a...
CVE-2024-21139
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Answers. Supported versions that are affected are 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2024-21128
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.2.6-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object...
VulnCheck KEV: CVE-2019-2618
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
CVE-2024-21045
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
The vulnerability of the application programming interface of the microprogramming system for controller security and session management in IP networks – OpenScape SBC (Session Border Controller). This software serves as an integration tool for communication systems into the unified communication system – OpenScape BCF (Business Communication Fabric). The OpenScape Branch server allows attackers to perform arbitrary actions.
The vulnerability of the application software interface for microprogramming controllers, which is used for security purposes and managing communication sessions in IP networks—the OpenScape SBC Session Border Controller—as well as the software used to integrate communication systems into the...
CVE-2023-21975
Vulnerability in the Application Express Customers Plugin product of Oracle Application Express component: User Account. Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker with network access vi...
OpenJDK: Swing HTML parsing issue (8296832)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable...
CVE-2022-21587
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...
CVE-2022-21429
Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Billing Care. Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion
Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion LFI Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.franklinfueling.com/ Version: 1.8.19.8580 Tested on: Linux Firefox CVE : CVE-2021-46417 Proof of Concept...
FFS Colibri Controller Module 1.8.19.8580 Directory Traversal Vulnerability
============== Author ============== = Name: Momen Eldawakhly Cyber Guy = Company: Cypro.se ====================================== ============== Product ============== = Vendor: Franklin Fueling Systems = Product: FFS Colibri Controller Module = Version: 1.8.19.8580...
FFS Colibri Controller Module 1.8.19.8580 Directory Traversal
============== Author ============== = Name: Momen Eldawakhly Cyber Guy = Company: Cypro.se ====================================== ============== Product ============== = Vendor: Franklin Fueling Systems = Product: FFS Colibri Controller Module = Version: 1.8.19.8580...
Exploit for CVE-2022-21907
CVE-2022-21907 This package will detect exploits of CVE-202...
CVE-2021-2236
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Advanced Global Intercompany. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...
CVE-2020-2834
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...
PT-2020-1306 · Oracle · Oracle Identity Manager
Name of the Vulnerable Software and Affected Versions: Oracle Identity Manager version 12.2.1.3.0 Description: The issue is related to the Identity Manager product of Oracle Fusion Middleware, specifically the OIM - LDAP user and role Synch component. It allows an unauthenticated attacker with...
The vulnerability of the WLS Core Components of Oracle WebLogic Server application servers allows attackers to modify, add, or delete data.
The vulnerability of Oracle WebLogic Server’s application server’s WLS core components is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain access to modify, add, or delete data using the HTTP protocol...
CVE-2019-2638
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite subcomponent: Consolidation Hierarchy Viewer. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged...