Lucene search
K

251 matches found

CNVD
CNVD
added 2024/07/09 12:0 a.m.7 views

MediaWiki suffers from an unspecified vulnerability (CNVD-2024-31365)

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. MediaWiki has a security vulnerability that stems from the presence of cross-site request forgery CSRF,...

4.3CVSS6.8AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.6 views

PT-2024-26105 · Sap · Sap Netweaver Knowledge Management Xmleditor

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Knowledge Management XMLEditor affected versions not specified Description: The issue is due to weak encoding of user-controlled input in the SAP NetWeaver Knowledge Management XMLEditor, allowing malicious scripts to be execute...

6.1CVSS5.9AI score0.00256EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/04/16 12:0 a.m.5 views

编号撤回

Atlassian Confluence is a suite of specialized enterprise knowledge management and collaboration software from Atlassian Australia that can also be used to build enterprise WiKi. This CVE number has been withdrawn...

6.8AI score
Exploits0References2
OSV
OSV
added 2024/02/17 2:15 a.m.7 views

CVE-2024-20943

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Knowledge...

5.4CVSS7.3AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2024/02/17 2:15 a.m.24 views

CVE-2024-20943

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Knowledge...

5.4CVSS5.1AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2024/02/17 1:50 a.m.81 views

CVE-2024-20943

Affected software: Oracle E-Business Suite, Oracle Knowledge Management (Internal Operations), versions 12.2.3–12.2.13. Issue type/root cause: insufficient input validation in Oracle Knowledge Management, enabling a low-privileged attacker with network access via HTTP to compromise the system; at...

5.4CVSS5.1AI score0.00269EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/07 12:0 a.m.5 views

The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...

6.4CVSS6.8AI score0.0031EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.6 views

The vulnerability of sub-components of the Create, Update, Authoring Flow component of the Oracle Knowledge Management component of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, add, or delete data.

The vulnerability of the Create, Update, Authoring, and Flow components of the Oracle Knowledge Management component within the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to...

6.4CVSS6.8AI score0.00168EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.6 views

The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.

The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...

6.4CVSS6.6AI score0.00269EPSS
Exploits0References4Affected Software2
NCSC
NCSC
added 2024/01/18 12:0 a.m.5 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in E-Business suite and components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle...

6.5CVSS6.3AI score0.00493EPSS
Exploits0
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.6 views

Oracle E-Business Suite Security Vulnerability

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Knowledge...

5.4CVSS6.6AI score0.00269EPSS
Exploits0References2
NVD
NVD
added 2024/01/16 10:15 p.m.27 views

CVE-2024-20948

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...

6.1CVSS5.8AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 10:15 p.m.5 views

CVE-2024-20948

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...

6.1CVSS7.3AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2024/01/16 10:15 p.m.23 views

CVE-2024-20940

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

6.1CVSS5.8AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2024/01/16 10:15 p.m.4 views

CVE-2024-20940

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

6.1CVSS7.3AI score0.00168EPSS
Exploits0References1
Prion
Prion
added 2024/01/16 10:15 p.m.18 views

Design/Logic Flaw

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...

5.8CVSS6.5AI score0.0031EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/16 10:15 p.m.18 views

Code injection

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

5.8CVSS6.5AI score0.00168EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.48 views

CVE-2024-20948

CVE-2024-20948 affects Oracle E-Business Suite, Oracle Knowledge Management (Setup, Admin) in versions 12.2.3–12.2.13. An unauthenticated, network-accessible attacker (HTTP) can exploit via Oracle Knowledge Management, with user interaction required, to perform unauthorized updates, inserts, dele...

6.1CVSS5.8AI score0.0031EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.40 views

CVE-2024-20940

The CVE-2024-20940 entry concerns Oracle E-Business Suite’s Knowledge Management component (Create/Update/Authoring Flow). Affected versions are 12.2.3–12.2.13; the issue is exploitable over HTTP with network access and unauthenticated access, requiring user interaction, and may lead to unauthori...

6.1CVSS5.8AI score0.00168EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.4 views

Oracle E-Business Suite Security Vulnerability

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Knowledge Management is one of the knowledge...

6.1CVSS6.7AI score0.0031EPSS
Exploits0References2
Rows per page
Query Builder