61 matches found
Oracle iAssets 安全漏洞
Oracle iAssets is a corporate fixed asset self-service management system developed by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle iAssets contain security vulnerabilities. These vulnerabilities stem from issues with the Internal Operations component, which may all...
Oracle Payroll 安全漏洞
Oracle Payroll is a corporate payroll calculation and distribution management system developed by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle Payroll contain security vulnerabilities. These vulnerabilities stem from issues with the Internal Operations component,...
CVE-2025-37176
A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privilege...
CVE-2025-37176
CVE-2025-37176 is an authenticated command-injection vulnerability in Aruba AOS-8. An authenticated privileged user can alter a package header to inject shell commands, potentially causing arbitrary command execution with the privileges of the impacted mechanism. The issue is documented across mu...
EUVD-2025-20249
Malicious code in bioql PyPI...
EUVD-2025-30239
Malicious code in bioql PyPI...
CVE-2025-10458
Parameters are not validated or sanitized, and are later used in various internal operations...
CVE-2025-10458
Parameters are not validated or sanitized, and are later used in various internal operations...
CVE-2025-10458
Parameters are not validated or sanitized, and are later used in various internal operations...
CVE-2025-10458 Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values
Parameters are not validated or sanitized, and are later used in various internal operations...
Zephyr 安全漏洞
Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in zephyr that stems from unvalidated or cleaned parameters that could lead to the exploitation of internal operations...
PT-2025-38512
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description The software exhibits a flaw due to improper validation or sanitization of parameters. These parameters are subsequently utilized in internal operations,...
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a business automation solution, allows a perpetrator to gain access to read, modify, and delete information.
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Lease and Finance Management...
CVE-2025-6712
MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory...
CVE-2025-20968
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery...
K000138649: GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553
Security Advisory Description CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. CVE-2024-0553 A vulnerability was found in GnuTLS. The response times to...
The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite automation system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data...
PT-2023-1182 · Oracle · Oracle Mysql Cluster
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Cluster versions 7.4.38 and prior Oracle MySQL Cluster versions 7.5.28 and prior Oracle MySQL Cluster versions 7.6.24 and prior Oracle MySQL Cluster versions 8.0.31 and prior Description: The issue is related to insufficient inpu...
The vulnerability of the Internal Operations component of the application’s access, organization, and interaction with various types of tasks in the Oracle Universal Work Queue system—a business automation tool within the Oracle E-Business Suite—allows a perpetrator to gain full control over the application.
The vulnerability of the Internal Operations component of the application for accessing, organizing, and interacting with various types of work in the Oracle Universal Work Queue system, a business automation solution from Oracle E-Business Suite, is related to insufficient validation of input...