251 matches found
MediaWiki suffers from an unspecified vulnerability (CNVD-2024-31365)
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. MediaWiki has a security vulnerability that stems from the presence of cross-site request forgery CSRF,...
PT-2024-26105 · Sap · Sap Netweaver Knowledge Management Xmleditor
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Knowledge Management XMLEditor affected versions not specified Description: The issue is due to weak encoding of user-controlled input in the SAP NetWeaver Knowledge Management XMLEditor, allowing malicious scripts to be execute...
编号撤回
Atlassian Confluence is a suite of specialized enterprise knowledge management and collaboration software from Atlassian Australia that can also be used to build enterprise WiKi. This CVE number has been withdrawn...
CVE-2024-20943
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Knowledge...
CVE-2024-20943
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Knowledge...
CVE-2024-20943
Affected software: Oracle E-Business Suite, Oracle Knowledge Management (Internal Operations), versions 12.2.3–12.2.13. Issue type/root cause: insufficient input validation in Oracle Knowledge Management, enabling a low-privileged attacker with network access via HTTP to compromise the system; at...
The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...
The vulnerability of sub-components of the Create, Update, Authoring Flow component of the Oracle Knowledge Management component of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, add, or delete data.
The vulnerability of the Create, Update, Authoring, and Flow components of the Oracle Knowledge Management component within the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to...
The vulnerability of the Setup sub-component, part of the Admin component in Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the Setup sub-component and the Admin component of Oracle Knowledge Management, a system for automating business processes within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating...
Vulnerabilities fixed in Oracle E-Business Suite
Oracle has fixed vulnerabilities in E-Business suite and components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Knowledge...
CVE-2024-20948
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...
CVE-2024-20948
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...
CVE-2024-20940
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2024-20940
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Design/Logic Flaw
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Setup, Admin. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge...
Code injection
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite component: Create, Update, Authoring Flow. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2024-20948
CVE-2024-20948 affects Oracle E-Business Suite, Oracle Knowledge Management (Setup, Admin) in versions 12.2.3–12.2.13. An unauthenticated, network-accessible attacker (HTTP) can exploit via Oracle Knowledge Management, with user interaction required, to perform unauthorized updates, inserts, dele...
CVE-2024-20940
The CVE-2024-20940 entry concerns Oracle E-Business Suite’s Knowledge Management component (Create/Update/Authoring Flow). Affected versions are 12.2.3–12.2.13; the issue is exploitable over HTTP with network access and unauthenticated access, requiring user interaction, and may lead to unauthori...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Knowledge Management is one of the knowledge...