The vulnerability of the User Interface component of the Oracle Financial Services Loan Loss Forecasting and Provisioning application allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Financial Services Loan Loss Forecasting and Provisioning application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or...

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software lies in deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, add, or delete data using the HTTP protocol...

The vulnerability of the User Interface component of the Oracle Financial Services Liquidity Risk Management application allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Financial Services Liquidity Risk Management application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete da...

The vulnerability of the Others component in the Oracle iSupport web application allows a attacker to gain read, modify, add, or delete access to data.

The vulnerability of the Others component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, add, or delete access to data using the HTTP protocol...

The vulnerability of the UI Servlet component of the Oracle Configurator allows a attacker to gain access to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...

The vulnerability of the Message Display component of the Oracle Email Center software allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information...

The vulnerability of the SQL component of the Oracle Database Server system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the SQL component of the Oracle Database Server database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected...

The vulnerability of the Investor Module component of the Primavera Portfolio Management software, a software solution for automating management processes in production operations, allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Investor Module component of Primavera Portfolio Management software exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected...

CVE-2020-14611

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Composer. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter...

PT-2020-3575

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.7 and 14.0.1 Description The issue is related to insufficient input validation in the Hotspot component of Oracle Java SE. It allows an unauthenticated attacker with network access via multiple protocols to...

envoy: Resource exhaustion via HTTP/2 client requests with large payloads and improper stream windows

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

The vulnerability of Oracle Siebel’s EAI and SWSE platform’s UI framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Oracle Siebel UI Framework components is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

The vulnerability of the Information Manager Console component of the Oracle Knowledge business application allows a malicious individual to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Information Manager Console component in the Oracle Knowledge business application, where input data is not thoroughly verified. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the SSO Engine component of the Oracle Access Manager application, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the SSO Engine component of the Oracle Access Manager is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network...

The vulnerability of the Budget component of the Oracle Trade Management application, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the Budget component in the Oracle Trade Management application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through the HTTP network protocol...