1072 matches found

BDU FSTEC
added 2020/11/10 12:0 a.m., 2 views

The vulnerability of the IQR-Foundation component of the Oracle Hyperion BI+ service allows an intruder to gain unauthorized access to protected information.

The vulnerability of the IQR-Foundation component of the Oracle Hyperion BI+ service is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information via the HTTP network protocol...

CVSS 2.1, EPSS 0.00214
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/11/10 12:0 a.m., 1 views

The vulnerability of the Marketing Administration component of the Oracle Marketing platform in the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Marketing Administration component of Oracle’s marketing platform relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete...

CVSS 8.5, EPSS 0.01586
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/11/05 12:0 a.m., 2 views

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

CVSS 8.5, EPSS 0.01113
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/11/05 12:0 a.m., 1 views

The vulnerability of the Oracle Applications Manager component, a tool for application management in the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Oracle Applications Manager component, a tool for application management in the Oracle E-Business Suite, relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

CVSS 5.3, EPSS 0.00771
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/11/05 12:0 a.m., 1 views

The vulnerability of the Diagnostics component of the Oracle Application Object Library in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Diagnostics component of the Oracle Application Object Library in the Oracle E-Business Suite automation system relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to and modify, add, or delete data using...

CVSS 5, EPSS 0.00712
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/11/02 12:0 a.m., 2 views

The vulnerability of the General component of the Oracle REST Data Services service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the General component of the Oracle REST Data Services is related to security mechanism failures. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information via the HTTP network protocol...

CVSS 4.3, EPSS 0.00197
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2020/10/12 2:15 p.m., 1 views

DEBIAN-CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...

CVSS 4.3, AI score 6.8, EPSS 0.12123
Exploits: 0, References: 1

Prion
added 2020/10/02 3:15 p.m., 37 views

Information disclosure

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host being confused with cookies that decode to such a prefix, thus leading to an attacker being...

CVSS 5, AI score 6.2, EPSS 0.26088
Exploits: 2, References: 15, Affected Software: 6

BDU FSTEC
added 2020/09/18 12:0 a.m., 1 views

The vulnerability of the Workbench search system of Oracle Commerce Guided Search and the Oracle Commerce Experience Manager, a tool for managing the user environment, allows an attacker to gain access to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Workbench search engine component of Oracle Commerce Guided Search and the Oracle Commerce Experience Manager user environment management tool exists due to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to...

CVSS 7.4, EPSS 0.01455
Exploits: 0, References: 2, Affected Software: 2

BDU FSTEC
added 2020/09/18 12:0 a.m., 1 views

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite system allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to access and modify, add, or delete data...

CVSS 4.7, EPSS 0.00712
Exploits: 0, References: 3, Affected Software: 1

Kitploit
added 2020/09/13 11:30 a.m., 49 views

HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware

HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It uses a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV. Help server.py unisessio...

AI score 7.3
Exploits: 0, References: 3

BDU FSTEC
added 2020/08/14 12:0 a.m., 2 views

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms lies in insufficient validation of input data. This allows attackers to gain unauthorized access to protected information, or to perform actions such as reading, modifying, adding, or deleting data.

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, or to read, modify, add, or delete...

CVSS 5.8, EPSS 0.00576
Exploits: 0, References: 5, Affected Software: 3

BDU FSTEC
added 2020/08/14 12:0 a.m., 1 views

The vulnerability of the UI & Visualization component of the Oracle Hyperion BI+ service, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the UI & visualization component of the Oracle Hyperion BI+ event service is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

CVSS 4.9, EPSS 0.00621
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2020/08/12 12:0 a.m., 1 views

The vulnerability of the User Interface component of the Oracle SD-WAN Edge application allows a hacker to gain full control over the application.

The vulnerability of the User Interface component of the Oracle SD-WAN Edge application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using the HTTP protocol...

CVSS 10, EPSS 0.02045
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/12 12:0 a.m., 1 views

The vulnerability of the Analytics Web General component of the Oracle Business Intelligence Enterprise Edition software platform allows a hacker to gain full control over the application.

The vulnerability of the Analytics Web General component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application through the...

CVSS 9.3, EPSS 0.01991
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/05 12:0 a.m., 2 views

The vulnerability of the User Interface component of the Oracle Financial Services Liquidity Risk Management application allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Financial Services Liquidity Risk Management application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete da...

CVSS 7.5, EPSS 0.00217
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/05 12:0 a.m., 2 views

The vulnerability of the User Interface component of the Oracle Financial Services Loan Loss Forecasting and Provisioning application allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Financial Services Loan Loss Forecasting and Provisioning application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or...

CVSS 6.8, EPSS 0.00244
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/05 12:0 a.m., 1 views

The vulnerability of the Others component in the Oracle iSupport web application allows an attacker to gain read, modify, add, or delete access to data.

The vulnerability of the Others component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, add, or delete access to data using the HTTP protocol...

CVSS 8.2, EPSS 0.01586
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/05 12:0 a.m., 1 views

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software lies in deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, add, or delete data using the HTTP protocol...

CVSS 8.2, EPSS 0.02194
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2020/08/05 12:0 a.m., 1 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...

CVSS 8.2, EPSS 0.01586
Exploits: 0, References: 2, Affected Software: 1