199 matches found
Azure Linux 3.0 Security Update: mysql (CVE-2024-20963)
The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-20963 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported...
TencentOS Server 3: java-11-konajdk (TSSA-2022:0169)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0169 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2020-14655
Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware component: SSL API. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracl...
CVE-2020-14530
Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware component: None. The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successfu...
Oracle Critical Patch Update Advisory - April 2025
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...
RHSA-2015:1242 Red Hat Security Advisory: java-1.7.0-oracle security update
Bulletin has no description...
Oracle DB SQL Injection Via SYS.LT.COMPRESSWORKSPACE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE', 'Description' = %q This module exploits an sql injection flaw in the COMPRESSWORKSPACE...
Vulnerabilities fixed in Oracle Hyperion
Oracle has fixed vulnerabilities in several Hyperion products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive...
Oracle MySQL Server 8.x <= 8.0.34, 8.1.x <= 8.3.0 Security Update (cpuapr2024) - Linux
Oracle MySQL Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle MySQL Server 8.x <= 8.0.34, 8.1.0 Security Update (cpujan2024) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
Vulnerabilities fixed in Oracle Hyperion
Vulnerabilities have been fixed in Oracle Hyperion products. A malicious party can exploit the vulnerabilities to gain full control to the Oracle Hyperion infrastructure. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |...
PT-2023-6387 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.33 and prior Description: The issue is related to a vulnerability in the MySQL Server product of Oracle MySQL, specifically in the Server: Security: Encryption component. This vulnerability allows a high privileged...
Insufficient Timestamp Validation for Signed Messages
Lines of code Vulnerability details Impact A message can be signed by the oracle for any future point in time, and it will be valid for 20 minutes. If messages with invalid timestamps pointing to the future get signed, there is no way of invalidating them. A compromised or malfunctioning oracle...
Oracle VirtualBox 6.1.x < 6.1.40 Security Update (cpuoct2022) - Mac OS X
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
PT-2022-37513 · Oracle · Oracleasm
Name of the Vulnerable Software and Affected Versions: oracleasm affected versions not specified Description: The issue is related to the grub2 boothole 3 problem, which necessitates a rebuild with a new secure boot key. Recommendations: At the moment, there is no information about a newer versio...
Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation
The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in multiple products. The Apache XML Security Java is affected by the vulnerability published in US-Cert VU 466161. See: http://www.kb.cert.org/vuls/id/466161 for more information. This bug can allow ...
You Need to Update iOS, Android, and Chrome Right Now
Plus: Microsoft patched some 100 flaws, while Oracle issued more than 500 security fixes...
Vulnerabilities fixed in Oracle Virtualization
Oracle has fixed vulnerabilities in Secure Global Desktop and VirtualBox. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Server-side request forgery Denial-of-Service DoS. Manipulation of data Access to system data...
Oracle Java SE Security Update (jul2021) 03 - Windows
This host is missing a security update according to Oracle. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle WebLogic Server 安全漏洞
Oracle WebLogic Server is a cloud-native, enterprise-grade Java platform application server for multi-tier distributed enterprise application development and deployment. A security vulnerability exists in the Core component of Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0,...