234 matches found
MySQL Enterprise Monitor 4.0.11.x < 4.0.12.5341 / 8.0.18.x < 8.0.20.1227(Apr 2020 CPU)
According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 4.0.11.x prior to 4.0.12.5341 or 8.0.18.x prior to 8.0.20.1227. It is, therefore, affected by a session fixation vulnerability. An unauthenticated, remote attacker could exploit this to...
Oracle WebLogic Server BadAttributeValueExpException deserialization
Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2017 - Includes Oracle Jan 2017 CPU affect IBM Content Collector for Email
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by Content Collector for SAP Applications. Vulnerability Details CVEID: CVE-2017-3289 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core - Oracle CPU April 2016
Summary Oracle released the April 2016 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Vulnerability Details New IBM WebSphere Application Server updates are available that...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core - Oracle CPU January 2016
Summary Oracle released the January 2016 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Vulnerability Details New IBM WebSphere Application Server updates are available th...
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2016 - Includes Oracle Oct 2016 CPU affect IBM Content Collector for Microsoft SharePoint
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by Content Collector for Microsoft SharePoint Vulnerability Details CVEID: CVE-2016-5582 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedd...
Security Bulletin: Rational Reporting for Development Intelligence - Oracle CPU January 2014 (CVE-2014-0416, CVE-2014-0423)
Summary Multiple security vulnerabilities exist in the IBM JRE that is shipped with the Rational Reporting for Development Intelligence RRDI. The same security vulnerabilities also exist in the IBM Java SDK that is shipped with the IBM WebSphere Application Server WAS. Vulnerability Details |...
Security Bulletin: Rational Insight - Oracle CPU October 2013 (CVE-2013-5802, CVE-2013-5825)
Summary Multiple security vulnerabilities exist in the IBM JRE that is shipped with Rational Insight. The same security vulnerabilities also exist in the IBM Java SDK that is shipped with the IBM WebSphere Application Server WAS. Vulnerability Details | Subscribe to My Notifications to be notifie...
Security Bulletin: Information regarding security vulnerability in IBM SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU January 2014
Summary Multiple security vulnerabilities exist in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server and included in the products that are listed in this document. Vulnerability Details The affected products are shipped with a version of IBM WebSphere...
Security Bulletin: Information regarding security vulnerability in IBM SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU January 2014
Summary Multiple security vulnerabilities exist in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server and is included in the products that are listed in this document. Vulnerability Details The affected products are shipped with a version of IBM WebSphere...
Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013
Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in the product that is listed in this document. Vulnerability Details WebSphere Dynamic Process Edition is shipped with a version of IBM WebSphere...
Fedora 26 : 1:java-1.8.0-openjdk (2018-d50769efa0)
updated to Security u161 Oracle CPU 1/2018 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Oracle E-Business Suite 12.1.312.2.x - Open Redirect
Oracle E-Business Suite 12.1.312.2.x - Open Redirect Exploit Title: Oracle E-Business suite Open Redirect Google Dork: inurl:OAHTML/cabo/ Date: April 2017 Exploit Author: author Vendor Homepage: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html Software Link: download li...
Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
Oracle Web Center XSS Details ======================================================================================== Product: Oracle Web Center Versions 11.1.1.9.0, 12.2.1.1.0, 12.2.1.2.0 Security-Risk: High Remote-Exploit: yes Vendor-URL: https://www.oracle.com/ CVE-ID: CVE-2017-10075 CVSS: 8....
Oracle PeopleSoft ToolsRelease 8.55.03 / ToolsReleaseDB 8.55 / HCM 9.2 XSS Vulnerabilities
PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a TestServlet cross site scripting vulnerability. 1. ADVISORY INFORMATION Title: Multiple XSS POST request Vulnerabilities in TestServlet PeopleSoft Advisory ID: ERPSCAN-17-037 Advisory URL:...
Oracle Integration Gateway Directory Traversal Vulnerability
Oracle Integration Gateway PSIGW suffers from a directory traversal vulnerability. 1. ADVISORY INFORMATION Title: Directory Traversal vulnerability in Integration Gateway PSIGW Advisory ID: ERPSCAN-17-038 Advisory URL:...
Oracle MICROS POS missing authorisation check
Application: Oracle MICROS POS Versions Affected: Oracle Hospitality Simphony 2.7-2.9 Vendor URL: Oracle Bug: Missing Authentication for Critical Function Reported: 21.07.2017 Vendor response: 22.07.2017 Date of Public Advisory: 17.01.2018 Reference: Oracle CPU January 2018 Author: Dmitry Chastuh...
Information Disclosure in PeopleSoft Listening Connector
Application: Oracle PeopleSoft Versions Affected: Oracle PeopleTools 8.54 – 8.56 Vendor: Oracle Bugs: Information Disclosure Reported: 15.06.2017 Vendor response: 16.06.2017 Date of Public Advisory: 17.01.2018 Reference: Oracle CPU January 2018 Authors: Dmitri Iudin aka @ret5et ERPScan...
Oracle PeopleSoft - Server-Side Request Forgery Vulnerability
Exploit for java platform in category web applications Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017...
Oracle PeopleSoft HCM 9.2 XXE Injection
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Nadya Krivdyuk ERPScan Description 1...