The vulnerability of the Apache Superset data visualization software lies in its authentication procedures’ flaws, which allow unauthorized users to gain unauthorized access to read, modify, or delete data.

The vulnerability of Apache Superset’s data visualization software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to read, modify, or delete data by sending specially crafted request...

CVE-2024-10476

Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information PHI and personally identifiable information PII. Exploitation of this...

IBM Concert 安全漏洞

IBM Concert is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. IBM Concert suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. A...

The vulnerability of the Docker software component for managing Brocade SANnav networks allows a hacker to read or modify protected information.

The vulnerability of the Docker software for network management in Brocade SANnav relates to the improper use of standard permissions. Exploiting this vulnerability could allow an attacker to read or modify protected information...

Grand Vice info Webopac SQL注入漏洞

Grand Vice info Webopac is an online public access catalog from China Xinxueying Info Grand Vice info. It is used for users to use library services through the Internet. A SQL injection vulnerability exists in Grand Vice info Webopac version 6.x prior to 6.5.1 and version 7.x prior to 7.2.3, whic...

The vulnerability of the Infrastructure component of the Oracle Banking Liquidity Management management platform allows a hacker to gain unauthorized access to read, create, modify, and delete data, or to cause a service failure.

The vulnerability of Oracle Banking Liquidity Management’s infrastructure component relates to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to read, create, modify, and delete data, or cause...

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to create, modify, and delete data.

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, is related to deficiencies in the authorization mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create...

The vulnerability of the Database Core Component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Database Core Component of the Oracle Database Server management system is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data...

CVE-2024-21247

...

The vulnerability of the Tasks component in the Oracle Common Applications Calendar application of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, and delete data.

The vulnerability of the Tasks component in Oracle Common Applications Calendar, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

UBUNTU-CVE-2024-21210

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

The vulnerability of the application programming interface of the software platform based on Git for collaborative code development on GitLab allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the application programming interface of a Git-based software platform for collaborative code development on GitLab is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, or delete access ...

CVE-2024-8327

Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-28987

SolarWinds Web Help Desk (WHD) is affected by a hardcoded credential vulnerability that allows remote, unauthenticated access to internal functionality and data modification. Affected versions are WHD

Missing Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Missing Authorization via the authorization process. A low-privileged attacker can modify minor information by bypassing security measures through sending crafted requests...

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...

Adobe Commerce 安全漏洞

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security bypass vulnerability exists in Adobe Commerce, which can be exploited by an attacker to bypass security measures and modify secondary...

Adobe Commerce 安全漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe USA. A security vulnerability exists in Adobe Commerce that stems from improper authorization. An attacker could exploit the vulnerability to bypass security measures and modify secondary information...