CVE-2014-2481

Technical details for CVE-2014-2481 are not publicly available in the provided documents. Monitor for updates.

CVE-2014-2493

Technical details for CVE-2014-2493 are not publicly available in the provided connected documents beyond the shared description. Monitor for updates from official advisories and vulnerability databases.

CVE-2014-4217

CVE-2014-4217 affects Oracle WebLogic Server components under Oracle Fusion Middleware (10.0.2.0, 10.3.6.0, 12.1.1.0). The vulnerability is described as unspecified and related to WLS Web Services, enabling remote integrity impact. No explicit remediation details are provided in the supplied docu...

CVE-2014-4210

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services...

Oracle Releases July 2014 Security Advisory

Oracle has released its Critical Patch Update for July 2014 to address 113 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 29 for Oracle Fusion Middleware 7 for Oracle Hyperion 1 for Oracle Enterprise Manager Grid Control 5...

Oracle July 2014 Critical Patch Update

Never one to skimp on patches, Oracle is expected to release 113 of them tomorrow as part of its quarterly Critical Patch Update. The company also clarified that Java 7 versions will continue to work on the end-of-life Microsoft Windows XP platform and Oracle security updates for Java on XP...

Oracle Event Processing FileUploadServlet Arbitrary File Upload Exploit

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system. This Metasploit module exploits an Arbitrary File Upload vulnerability in Oracle Event Processing...

openSUSE Security Update : openstack-nova (openSUSE-SU-2013:1087-1)

This update of openstack-nova fixes a security vulnerability. - Add CVE-2013-2030.patch: fix insecure keystone middleware tmpdir by default CVE-2013-2030, bnc819349. - Use explicit keystone-signing dir to workaround lp1181157. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

Important: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.1 security update

An update for Red Hat JBoss Operations Network 3.2.1, which fixes two security issues, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013- 0155)

actionpack/lib/actiondispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query...

Ubuntu: Security Advisory (USN-2207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[USN-2207-1] OpenStack Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2207-1 May 06, 2014 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

Ubuntu 12.04 LTS / 12.10 / 13.10 : swift vulnerability (USN-2207-1)

Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients. Note that Tenable Network...

USN-2208-2: OpenStack Quantum vulnerability

USN-2208-1 fixed vulnerabilities in OpenStack Cinder. This update provides the corresponding updates for OpenStack Quantum. Original advisory details: JuanFra Rodriguez Cardoso discovered that OpenStack Cinder did not enforce SSL connections when Nova was configured to use QPid and qpidprotocol i...

Oracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU)

According to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code...

HP Database and Middleware Automation information leakage

No description provided...

HP Database and Middleware Automation信息泄漏漏洞

Bugtraq ID:66960 CVE ID:CVE-2013-6212 惠普数据库和中间件自动化软件HP Database and Middleware Automation DMA可提高员工效率,并将数据库管理人工操作进行自动化处理。 HP database and Middleware Automation server存在一个未明安全漏洞，允许攻击者利用漏洞获取敏感信息。 0 HP database and Middleware Automation server v10.0 HP database and Middleware Automation server v10.01...

[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04201408 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04201408 Version: 1 HPSBMU02982 rev....

Design/Logic Flaw

Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors...