133 matches found
NEC Aterm W300P OS Command Injection Vulnerability (CNVD-2019-01102)
The NEC Aterm W300P is a wireless router from Nippon Electric NEC. An operating system command injection vulnerability exists in the NEC Aterm W300P using firmware version 1.0.13 and earlier. An attacker can exploit this vulnerability to execute arbitrary operating system commands via HTTP reques...
JDK: unspecified vulnerability fixed in 6u171, 7u161, 8u151, and 9.0.1 (Javadoc)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Javadoc. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks...
CVE-2017-10375
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications subcomponent: Base. Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2017-10293
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Javadoc. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks...
CVE-2017-10060
Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware subcomponent: Analytics Web General. Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2017-10121
Vulnerability in the Java Advanced Management Console component of Oracle Java SE subcomponent: Server. The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java...
CVE-2017-10002
Vulnerability in the Oracle Hospitality Inventory Management component of Oracle Hospitality Applications subcomponent: Settings and Config. Supported versions that are affected are 8.5.1 and 9.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2017-3542
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware subcomponent: Server. Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to...
The vulnerability of the Oracle VM VirtualBox virtual machine allows a hacker to gain access to data reading, modify data, or cause a partial service failure.
The vulnerability of the GUI component of the Oracle VM VirtualBox lies in security configuration errors. Exploiting this vulnerability allows a malicious actor to gain read access to data, modify, add, or delete data, or cause partial service failure through HTTP requests...
CVE-2017-3364
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle GlassFish Server Remote Vulnerability
Oracle GlassFish Enterprise Server is an open source and open community platform for building and deploying next-generation applications and services. A remote vulnerability exists in Oracle GlassFish Server that allows attackers to exploit the 'HTTP' protocol to compromise the 'Admin Console'...
Adult Script <= 1.6.5 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org...
Cisco IOS 11.x12.x - HTTP Configuration Arbitrary Administrative Access (2)
Cisco IOS 11.x12.x - HTTP Configuration Arbitrary Administrative Access 2 / source: https://www.securityfocus.com/bid/2936/info IOS is router firmware developed and distributed by Cisco Systems. IOS functions on numerous Cisco devices, including routers and switches. It is possible to gain full...