56 matches found
PT-2022-3652 · Fortinet · Fortimanager +3
Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below FortiManager versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below FortiOS versions 7.0.0...
L1Migrator.migrateETH can be used to take away protocol's access to funds
Handle Ruhum Vulnerability details Impact The L1Migrator.migrateETH function can be called by anyone. It pulls all the ETH from the BridgeMinter contract and starts the process of moving the funds to L2. First of all, this function is only executable once. The RetryableTicket created with the fir...
UBUNTU-CVE-2021-35607
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in the Oracle Payabl...
Teleport授权问题漏洞
Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport suffers from an authorization issue vulnerability...
FANUC Robot Controllers (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: R-30iA and R-30iB series controllers Vulnerabilities: Integer Coercion Error, Out-of-bounds Write 2. UPDATE INFORMATION This advisory is a follow-up to the original advisory titled ICSA-21-243-02P FANUC...
Oracle E-Business Suite Oracle Trade Management Quotes 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is seamlessly integrated with a management suite.Oracle Trade...
多款 Oracle 产品输入验证错误漏洞
Oracle Java SE Embedded is a Java platform for portable applications for embedded systems from Oracle Corporation USA. Libraries component in Oracle GraalVM Enterprise Edition is incorrectly validated. It allows an unauthenticated attacker to access the network via multiple protocols, thereby...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
...
UBUNTU-CVE-2019-17221
PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HT...
Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements (CVE-2019-4259)
Summary A security vulnerability has been identified in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements CVE-2019-4259 Vulnerability Details Deployments with protocol access metho...
FreeBSD : payara -- Multiple vulnerabilities (d70c9e18-f340-11e8-be46-0019dbb15b3f)
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution. Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability...
CVE-2017-10161
Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite subcomponent: Web Services Security. Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2017-10179
Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are AMP 12.1.0.4.0 and AMP 13.1.1.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ...
CVE-2017-3482
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low privileged...
security flaw
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup...