The vulnerability of the Message Display component of the Oracle Email Center software allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

The vulnerability of the Investor Module component of the Primavera Portfolio Management software, a software solution for automating management processes in production operations, allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Investor Module component of Primavera Portfolio Management software exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information...

The vulnerability of the SQL component of the Oracle Database Server system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the SQL component of the Oracle Database Server database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected...

CVE-2020-14611

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Composer. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter...

PT-2020-3575

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.7 and 14.0.1 Description The issue is related to insufficient input validation in the Hotspot component of Oracle Java SE. It allows an unauthenticated attacker with network access via multiple protocols to...

envoy: Resource exhaustion via HTTP/2 client requests with large payloads and improper stream windows

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream...

The vulnerability of Oracle Siebel’s EAI and SWSE platform’s UI framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Oracle Siebel UI Framework components is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

The vulnerability of the Information Manager Console component of the Oracle Knowledge business application allows a malicious individual to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Information Manager Console component in the Oracle Knowledge business application, where input data is not thoroughly verified. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected...

The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the SSO Engine component of the Oracle Access Manager application, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the SSO Engine component of the Oracle Access Manager is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Oracle Marketing’s Marketing Administration component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the Budget component of the Oracle Trade Management application, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the Budget component in the Oracle Trade Management application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through the HTTP network protocol...

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, is related to deficiencies in access control. Exploiting this vulnerability could allow an...

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network...

The vulnerability of the Hierarchy Diagrammers component of the Oracle Human Resources software allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Hierarchy Diagrammers component in Oracle Human Resources software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to protected information...

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software for banking analytical systems, which allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure banking analytics system, a simulation-based modeling solution, is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain...

The vulnerability of the Attachments component of the Oracle Document Management and Collaboration software, a part of the Oracle E-Business Suite, allows an attacker to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the Attachments component of the Oracle Document Management and Collaboration software for enterprise automation solutions relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to...