wolfSSL Information Disclosure Vulnerability (CNVD-2020-49929)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. An information disclosure vulnerability exists in wolfSSL versions prior to 4.5.0. The vulnerability is related to a buggy implementatio...

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Microsoft Windows Media Foundation Memory Corruption Vulnerability (CNVD-2020-48264)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Media Foundation A memory corruption vulnerability exists in Microsoft...

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to the ability to modify, add,...

The vulnerability of the Infrastructure component of Oracle Financial Services Analytical Applications Infrastructure allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of Oracle Financial Services Analytical Applications Infrastructure’s component is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or to gain...

CVE-2020-16227

Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execut...

CVE-2020-16225

Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-47576)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted project fil...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-46851)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted...

Delta Electronics TPEditor Input Validation Error Vulnerability

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. An input validation error vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially...

PT-2020-14824 · Delta Electronics · Tpeditor

Name of the Vulnerable Software and Affected Versions: Delta Electronics TPEditor versions 1.97 and prior Description: A write-what-where condition may be exploited by processing a specially crafted project file, potentially allowing an attacker to read or modify information, execute arbitrary...

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software lies in deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, add, or delete data using the HTTP protocol...

Vulnerability of the MySQL Server component: Security: Roles of the database management system, which allows attackers to gain unauthorized access to protected information or to modify, add, or delete data.

Vulnerability of the MySQL Server component: Security: The roles of the MySQL Server database management system are related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information or to...

The vulnerability of the UI Servlet component of the Oracle Configurator allows a attacker to gain access to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...

Red Hat CloudForms Access Control Error Vulnerability

Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. An access control error vulnerability exists in Red Hat CloudForms. T...

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or...

The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...

Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2020-43107)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Kernel, which aris...

Microsoft Remote Desktop Client Remote Code Execution Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in the Microsoft Remote Desktop Client, which...

Microsoft Windows Diagnostics Hub Elevation of Privilege Vulnerability

Windows Server is the brand name of a series of server operating systems released by Microsoft, which includes all Windows operating systems released under the brand name "Windows Server". An elevation of privilege vulnerability exists in Microsoft Windows Diagnostics Hub, which arises from a...