CVE-2020-25990

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'displayname' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

The vulnerability of the Device Driver Utility component of the Oracle Solaris operating system allows a hacker to gain access to modify, add, or delete data, or cause service failures.

The vulnerability of the Device Driver Utility component of the Oracle Solaris operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to modify, add, or delete data, or cause service failures...

The vulnerability of the Web Server component of the Primavera Portfolio Management software allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Web Server component of the Primavera Portfolio Management software for automating production processes exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to...

CVE-2020-0277

In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for...

The vulnerability of the SWSE Server component of the Siebel UI Framework allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the SWSE Server component of the Siebel UI Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...

UBUNTU-CVE-2019-19499

Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...

wolfSSL Information Disclosure Vulnerability (CNVD-2020-49929)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. An information disclosure vulnerability exists in wolfSSL versions prior to 4.5.0. The vulnerability is related to a buggy implementatio...

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Microsoft Windows Media Foundation Memory Corruption Vulnerability (CNVD-2020-48264)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Media Foundation A memory corruption vulnerability exists in Microsoft...

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to the ability to modify, add,...

The vulnerability of the Infrastructure component of Oracle Financial Services Analytical Applications Infrastructure allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of Oracle Financial Services Analytical Applications Infrastructure’s component is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or to gain...

CVE-2020-16227

Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execut...

CVE-2020-16225

Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-47576)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted project fil...

Delta Electronics TPEditor Input Validation Error Vulnerability

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. An input validation error vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-46851)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted...

PT-2020-14824 · Delta Electronics · Tpeditor

Name of the Vulnerable Software and Affected Versions: Delta Electronics TPEditor versions 1.97 and prior Description: A write-what-where condition may be exploited by processing a specially crafted project file, potentially allowing an attacker to read or modify information, execute arbitrary...

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Sample apps component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or...

Vulnerability of the MySQL Server component: Security: Roles of the database management system, which allows attackers to gain unauthorized access to protected information or to modify, add, or delete data.

Vulnerability of the MySQL Server component: Security: The roles of the MySQL Server database management system are related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information or to...

Red Hat CloudForms Access Control Error Vulnerability

Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. An access control error vulnerability exists in Red Hat CloudForms. T...