CVE-2015-0474

CVE-2015-0474 is an Oracle Outside In Technology flaw in the Outside In Filters component (affecting Oracle Fusion Middleware 8.4.1, 8.5.0, 8.5.1) where a crafted DOCX can enable a remote attacker to execute arbitrary code or cause a denial of service due to memory corruption. IBM Security Bullet...

CVE-2015-0493

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474...

Oracle Patch Update Delivers 98 Fixes

Released alongside patches from Microsoft and Adobe yesterday, Oracle’s regularly scheduled Critical Patch Update fixed 98 issues across a handful of products, including Oracle’s Database, Fusion Middleware, Java SE, and MySQL, to name a few. One of the most pressing issues the update resolves is...

CVE-2015-2171

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

Design/Logic Flaw

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

CVE-2015-2171

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

CVE-2015-2171

CVE-2015-2171 affects the Slim PHP framework; vulnerable component is Middleware/SessionCookie.php in Slim before 2.6.0. The issue allows remote attackers to perform PHP object injection via crafted session data, enabling arbitrary code execution on the server. The root cause is deserialization o...

CVE-2015-2171

Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...

IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware

IT-Grundschutz M4.287: Sichere Administration der VoIP-Middleware. Stand: 14. Ergaenzungslieferung 14. EL. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Mobile Vikings: Approve topup method by sender of this method

user A has a sim and send auth request to user B user B accepted it and decide to add to shared sim own topup method user B goes to https://mobilevikings.be/en/account/easypay/auto-sms-topup/ - select shared sim card and select method in section "Choose a payment method" and submit form. User A g...

Oracle OpenSSO SAML Multiple Vulnerabilities (January 2015 CPU)

The remote Oracle OpenSSO component in the Oracle Fusion Middleware install is missing a vendor-supplied security update. It is, therefore, affected by multiple unspecified vulnerabilities in the SAML subcomponent. Note that these vulnerabilities are unspecified by Oracle but appear to be...

Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)

The version of Oracle HTTP Server installed on the remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector IV is selected when operating in cipher-block chaining CBC modes. A...

CVE-2015-0434

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect confidentiality via vectors related to Integration with OAM...

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

CVE-2015-0414

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

Design/Logic Flaw

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer...

CVE-2015-0434

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect confidentiality via vectors related to Integration with OAM...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect confidentiality via vectors related to Integration with OAM...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...