3671 matches found
mysql: unspecified DoS related to Federated (CPU April 2014)
Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated...
Aleph 500 Cross Site Scripting
Greetings: a ALEPH500 Integrated library management system Cross Site Scripting£»CVE-ID is CVE-2014-3718. Aleph 500, fully meet the industry standard, is an art class perfect librarysolution, the Ex Libris to pursue the essence of philosophy is flexible and easy to use. Ex Libris is the world...
Fedora Update for bugzilla FEDORA-2014-5433
Check for the Version of bugzilla OpenVAS Vulnerability Test Fedora Update for bugzilla FEDORA-2014-5433 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Oracle Database Server Multiple Unspecified Vulnerabilities-01 (Apr 2014)
Oracle Database Server is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-2408
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."...
CVE-2014-2406
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges...
CVE-2014-2406
The CVE-2014-2406 entry concerns Oracle Database Server Core RDBMS, affecting Oracle Database Server versions 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1. The vulnerability is described as unspecified, allowing remote authenticated users to impact confidentiality, integrity, and availability via u...
CVE-2014-2408
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."...
Oracle Database Multiple Vulnerabilities (April 2014 CPU)
The remote Oracle database server is missing the April 2014 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the Core RDBMS component. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
强智综合教务系统后台上传漏洞,可沦陷服务器
简要描述: 后台上传获取webshell 通过搜索获得Oracle数据库管理权限 修改成绩 详细说明: http://www.qzdatasoft.com:8088/qznjw/ewebeditor/admin/ 默认账号密码admin 直接上传webshell 获取root权限 (ewebeditor后台授权漏洞修补 目前无法使用ewebeditor后台进行上传) 搜索 oracle.jdbc.driver.OracleDriver 可以获取Oracle数据库账号密码 通过官方PDF文档知晓 成绩保存在CJ0708 补考保存在CJ0708BK 通过近期对服务器信息收集发现...
Oracle RDBMS Patchset Out of Date (credentialed check)
The version of Oracle Database server installed on the remote host is an unsupported patchset level. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid72982; scriptversion"1.6";...
PT-2014-1194 · Oracle +6 · Mysql Server +6
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 5.5.35 and earlier Oracle MySQL Server versions 5.6.15 and earlier Description: The issue allows remote authenticated users to affect availability via unknown vectors related to the Federated component. This can...
WellinTech KingSCADA KingAlarm & Event KAEManageServer Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event.; Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130...
Oracle Database Server Multiple Unspecified Vulnerabilities-02 (Jan 2014)
Oracle Database Server is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle Database Server Multiple Unspecified Vulnerabilities-01 (Jan 2014)
Oracle Database Server is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect availability via unknown vectors...
Oracle Patches 36 Java Flaws in January 2014 CPU
All has been relatively quiet of late on the Java security front, which is in stark contrast to a year ago when Java was the scourge of the Internet. Vulnerabilities in Java were being exploited at an alarming rate in a number of targeted attacks including watering hole attacks against prominent...
CVE-2014-0378
CVE-2014-0378 affects Oracle Database Server’s Spatial component across 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1. The vulnerability is described as unspecified, enabling local users to impact confidentiality, integrity, and availability via unknown vectors. CVSS v2 base score is 4.1 (MEDIUM), w...
CVE-2014-0378
Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors...
Oracle Database Multiple Vulnerabilities (January 2014 CPU)
The remote Oracle database server is missing the January 2014 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the following components : - Core RDBMS - Spatial %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...