Lucene search
K

1086 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.7 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...

7.8CVSS7.5AI score0.01142EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.6 views

The vulnerability of the User Interface sub-component of the Oracle Collaborative Planning component of the Oracle E-Business Suite allows a perpetrator to access and modify data.

The vulnerability of the User Interface sub-component of the Oracle Collaborative Planning product, a business automation system within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to...

8.5CVSS7.7AI score0.00987EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.5 views

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthoriz...

8.5CVSS6.9AI score0.00901EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/27 4:23 a.m.7 views

OPENSUSE-SU-2022:0148-1 Security update for varnish

This update for varnish fixes the following issues: varnish was updated to release 7.1.0 boo1195188 CVE-2022-23959 VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. VMOD: New STRING strftimeTIME time, STRING format function for UTC formatting...

9.1CVSS7.9AI score0.01957EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.3 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.5AI score0.00537EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2022/05/16 5:42 p.m.414 views

Exploit for CVE-2022-21907

CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...

10CVSS9.6AI score0.9279EPSS
Exploits21
Cvelist
Cvelist
added 2022/05/10 9:46 a.m.26 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5AI score0.00537EPSS
Exploits0References1
OSV
OSV
added 2022/04/30 6:16 p.m.14 views

GHSA-X445-MMPW-7R4F Apache Tomcat Allows Source Disclosure

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...

5CVSS6.6AI score0.10956EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/04/30 6:16 p.m.20 views

Apache Tomcat Allows Source Disclosure

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...

5CVSS7.1AI score0.10956EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/04/29 1:27 a.m.23 views

GHSA-7WJ2-48C4-2684 Apache Tomcat Denial of Service vulnerability in the Catalina package

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...

5CVSS6.2AI score0.32657EPSS
Exploits1References13
Github Security Blog
Github Security Blog
added 2022/04/29 1:27 a.m.27 views

Apache Tomcat Denial of Service vulnerability in the Catalina package

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...

5CVSS6.7AI score0.32657EPSS
Exploits1References14Affected Software1
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.19 views

Slackware: Security Advisory (SSA:2017-300-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.9AI score0.79855EPSS
Exploits3References2
Cvelist
Cvelist
added 2022/04/18 4:20 p.m.32 views

CVE-2022-25226

ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the serve...

10AI score0.10867EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.5 views

The vulnerability of the Reseller Locator component in the Oracle Partner Management system allows a malicious actor to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Reseller Locator component in the Oracle Partner Management system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...

6.1CVSS6.8AI score0.00706EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.4 views

The vulnerability of the Samples component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Samples component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...

6.5CVSS6.8AI score0.01049EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/08 12:0 a.m.7 views

The vulnerability of the Log component in the Oracle Enterprise Session Border Controller allows a perpetrator to cause a partial service disruption.

The vulnerability of the Log component in the Oracle Enterprise Session Border Controller is related to resource release errors. Exploiting this vulnerability could allow a malicious actor to cause a partial service outage using the HTTP protocol...

4.3CVSS6.8AI score0.00804EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/08 12:0 a.m.5 views

The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

4.3CVSS6.4AI score0.00688EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/08 12:0 a.m.6 views

The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Unified Metadata Manager component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

5.3CVSS6.6AI score0.01147EPSS
Exploits0References4Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2022/04/06 12:0 a.m.25 views

Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability

Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution...

9.8CVSS2.3AI score0.99718EPSS
In wildExploits24
GithubExploit
GithubExploit
added 2022/04/04 10:53 a.m.294 views

Exploit for CVE-2022-21907

CVE-2022-21907 A REAL DoS exploit for CVE-2022-21907 It supp...

10CVSS9.5AI score0.9279EPSS
Exploits21
Rows per page
Query Builder