8227 matches found

Node.js
added 2015/10/17 7:41 p.m., 63 views

methodOverride Middleware Reflected Cross-Site Scripting

Overview: Connect is a stack of middleware that is executed in order on each request. The "methodOverride" middleware allows an HTTP POST to override the method of the request with the value of the "method" POST key or with the header "x-http-method-override". Because the user post input was not...

CVSS 4.3, AI score 0.9, EPSS 0.01237
Exploits: 0, Affected Software: 1

RedHat Linux
added 2015/10/15 3:40 p.m., 33 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.4 update

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.4 and fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common...

CVSS 6.8, AI score 7.3, EPSS 0.02978
Exploits: 0, References: 18

RedHat Linux
added 2015/10/08 12:5 p.m., 1 view

openstack-tripleo-heat-templates: unsafe pipeline ordering of swift staticweb middleware

A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package (OpenStack director). The staticweb middleware was incorrectly configured before the Identity Service, and...

CVSS 7.5, AI score 5.8, EPSS 0.02415
Exploits: 0, References: 4

RedHat Linux
added 2015/10/08 12:5 p.m., 27 views

Moderate: Red Hat Security Advisory: Red Hat Enterprise Linux OpenStack Platform 7 director update

Updated packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 director for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...

CVSS 7.5, AI score 7.1, EPSS 0.02415
Exploits: 0, References: 71

seebug.org
added 2015/09/17 12:0 a.m., 21 views

Django logout function Denial-of-service

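Security releases issued: 1.8.4, 1.7.10, 1.4.22. CVE: 2015-5963. Fix: Update/1.8.4/1.7.10/1.4.22/Add @loginrequired. On August 18 the Django project released updates to several versions that fix a number of security issues, among them a DoS vulnerability caused by improper coding; a number of websites that were tested all had this problem. Detail: the django.contrib.auth.views.logout view is used by developers to implement user logout. Normally, for the logout view one should use the officially provided...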

AI score 7
Exploits: 0

BDU FSTEC
added 2015/09/15 12:0 a.m., 7 views

The vulnerability of the Django web application framework, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the contrib.sessions.middleware.SessionMiddleware component in the Django web framework is related to a resource management error. Exploiting this vulnerability allows an attacker to cause service failures by sending a large number of requests to contrib.auth.views.logout,...

CVSS 5, AI score 6.4, EPSS 0.05163
Exploits: 0, References: 4, Affected Software: 2

BDU FSTEC
added 2015/09/09 12:0 a.m., 7 views

The vulnerability of the Oracle E-Business Suite and the Oracle Fusion Middleware software platform, which allows a perpetrator to compromise the confidentiality and integrity of information.

The vulnerability of the sub-component Oracle WebCenter Portal in the Oracle E-Business Suite enterprise activity automation system and the Oracle Fusion Middleware software platform is related to code errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to...

CVSS 5.5, AI score 6.6, EPSS 0.01764
Exploits: 0, References: 2, Affected Software: 2

BDU FSTEC
added 2015/09/08 12:0 a.m., 7 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator component of the Oracle Fusion Middleware software is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity, availability, and confidentiality of information...

CVSS 6.8, AI score 6.5, EPSS 0.0189
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator sub-component of the Oracle Fusion Middleware software exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the...

CVSS 6.8, AI score 6.6, EPSS 0.01906
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the confidentiality and integrity of information.

The vulnerability of the Oracle Access Manager component of the Oracle Fusion Middleware software is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality and integrity of information...

CVSS 7.1, AI score 6.6, EPSS 0.01088
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Endeca Information Discovery Studio software component within the Oracle Fusion Middleware is related to errors in the code. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the integrity, accessibility, and confidentiality o...

CVSS 7.5, AI score 6.5, EPSS 0.02974
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 4 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Endeca Information Discovery Studio software component within the Oracle Fusion Middleware is related to errors in the code. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the integrity, accessibility, and confidentiality o...

CVSS 7.5, AI score 6.5, EPSS 0.02974
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 4 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator component of the Oracle Fusion Middleware software is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity, availability, and confidentiality of information...

CVSS 6.8, AI score 6.5, EPSS 0.0189
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator sub-component of the Oracle Fusion Middleware software exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the...

CVSS 6.8, AI score 6.5, EPSS 0.0189
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform, which allows a perpetrator to compromise the integrity of information

The vulnerability of the Oracle GlassFish Server and Oracle WebLogic Server components of the Oracle Fusion Middleware software is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of information remotely...

CVSS 4.3, AI score 6.5, EPSS 0.01607
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 4 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator sub-component of the Oracle Fusion Middleware software exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the...

CVSS 6.8, AI score 6.5, EPSS 0.0189
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 4 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator sub-component of the Oracle Fusion Middleware software exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the...

CVSS 6.8, AI score 6.5, EPSS 0.0189
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to influence the integrity of information.

The vulnerability of the Oracle Business Intelligence Enterprise Edition mobile app software platform is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of information...

CVSS 3.5, AI score 6.6, EPSS 0.01174
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 5 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Endeca Information Discovery Studio software component of the Oracle Fusion Middleware is related to errors in the code. Exploiting this vulnerability may allow a malicious actor to compromise the integrity, accessibility, and confidentiality of information...

CVSS 7.5, AI score 6.5, EPSS 0.02974
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/09/08 12:0 a.m., 6 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Endeca Information Discovery Studio software component of the Oracle Fusion Middleware is related to errors in the code. Exploiting this vulnerability may allow an attacker, operating remotely, to compromise the integrity, accessibility, and confidentiality of...

CVSS 7.5, AI score 6.5, EPSS 0.02974
Exploits: 0, References: 2, Affected Software: 1