923 matches found

OSV
added 2023/10/17 10:15 p.m. · 3 views

CVE-2023-22109

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Dashboards. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

CVSS 4.6 · AI score 5.8
Exploits 0 · References 1
OSV
added 2023/10/17 10:15 p.m. · 2 views

CVE-2023-22088

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: User Management. Supported versions that are affected are 7.4.0 and 7.4.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

CVSS 4.3 · AI score 5.8 · EPSS 0.00398
Exploits 0 · References 1
OSV
added 2023/09/27 6:15 p.m. · 2 views

CVE-2023-20223

A vulnerability in Cisco DNA Center could allow an unauthenticated, remote attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control enforcement on API requests. An attacker could exploit th...

CVSS 8.2 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2023/09/19 12:0 a.m. · 3 views

PT-2023-7766 · Nagios · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI, affected versions not specified. Description: The issue is related to the User macros function in Nagios XI, which has insufficient access control. This can be exploited by a remote attacker to read, modify, or delete data, or cause ...

CVSS 5.5 · AI score 6.9
Exploits 0 · References 3
Positive Technologies
added 2023/09/11 12:0 a.m. · 4 views

PT-2023-6624 · Sap · Sap Commoncryptolib

Name of the Vulnerable Software and Affected Versions: SAP CommonCryptoLib, affected versions not specified. Description: The issue is related to insufficient authorization checks in the SAP CommonCryptoLib library. This can lead to an escalation of privileges, allowing a remote attacker to read,...

CVSS 10 · AI score 7.3 · EPSS 0.00748
Exploits 0 · References 8
Tenable Nessus
added 2023/09/07 12:0 a.m. · 24 views

Oracle Linux 7 : libssh2 (ELSA-2019-2136)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2136 advisory.
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
- fix out-of-bounds memory comparison with...

CVSS 9.3 · AI score 7.6 · EPSS 0.09219
Exploits 0 · References 3
BDU FSTEC
added 2023/08/21 12:0 a.m. · 5 views

The vulnerability of the PostgreSQL database management system, related to deficiencies in access control, allows attackers to read and update protected data.

The vulnerability of the PostgreSQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to read and update sensitive data that is protected by security measures...

CVSS 3.1 · AI score 6.5 · EPSS 0.00964
Exploits 0 · References 10 · Affected Software 5
OSV
added 2023/08/16 10:15 p.m. · 4 views

CVE-2023-20211

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...

CVSS 8.8 · AI score 7.4
Exploits 0 · References 1
BDU FSTEC
added 2023/08/03 12:0 a.m. · 5 views

The vulnerability of the software platform for managing operational data, related to errors in using standard permissions, allows a perpetrator to read and modify arbitrary data in various system catalogs. This vulnerability enables unauthorized access and manipulation of data within the ABB Ability zenon system.

The vulnerability of the software platform for operating data management in ABB Ability zenon relates to errors in the use of standard permissions. Exploiting this vulnerability allows attackers to read and update arbitrary data in various system catalogs...

CVSS 6.3 · AI score 6 · EPSS 0.00253
Exploits 0 · References 2
OSV
added 2023/07/24 6:15 p.m. · 2 views

CVE-2023-3321

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts...

CVSS 8.8 · AI score 5.8 · EPSS 0.00323
Exploits 0 · References 1
OSV
added 2023/07/24 6:15 p.m. · 3 views

CVE-2023-3322

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts...

CVSS 8.1 · AI score 5.8 · EPSS 0.0027
Exploits 0 · References 1
CNNVD
added 2023/07/24 12:0 a.m. · 3 views

ABB Ability zenon security vulnerability

ABB Ability zenon is a secure operational data management platform from ABB that makes it easy to connect machines, infrastructure and production assets. A security vulnerability exists in ABB Ability zenon build 11 through 11 build 106404, which stems from a vulnerability that allows a user with l...

CVSS 8.8 · AI score 7.9 · EPSS 0.00323
Exploits 0 · References 2
Positive Technologies
added 2023/07/24 12:0 a.m. · 4 views

PT-2023-4105 · Abb · Abb Ability Zenon

Name of the Vulnerable Software and Affected Versions: ABB Ability zenon versions 11 build through 11 build 106404. Description: A vulnerability exists in the ABB Ability zenon system, allowing low-privileged users to read and update data in various directories. This issue is related to errors in...

CVSS 6 · AI score 5.4 · EPSS 0.00253
Exploits 0 · References 5
RedHat Linux
added 2023/07/20 12:12 p.m. · 4 views

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

CVSS 3.7 · AI score 7.2 · EPSS 0.01164
Exploits 0 · References 4
RedHat Linux
added 2023/07/20 12:11 p.m. · 4 views

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

CVSS 3.7 · AI score 7.2 · EPSS 0.01164
Exploits 0 · References 4
RedHat Linux
added 2023/07/19 5:24 p.m. · 5 views

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

CVSS 3.7 · AI score 7.2 · EPSS 0.01164
Exploits 0 · References 4
OSV
added 2023/07/18 9:15 p.m. · 1 views

CVE-2023-22039

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: WebClient. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human...

CVSS 5.4 · AI score 7.3 · EPSS 0.00308
Exploits 0 · References 1
OSV
added 2023/07/18 9:15 p.m. · 2 views

CVE-2023-22010

Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.4.3.0.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of this vulnerability can...

CVSS 2.2 · AI score 7.3 · EPSS 0.0033
Exploits 0 · References 1
Positive Technologies
added 2023/07/18 12:0 a.m. · 7 views

PT-2023-4054 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.42 and prior; MySQL Server versions 8.0.33 and prior. Description: The issue allows a low-privileged attacker with network access via multiple protocols to compromise the MySQL Server. Successful attacks can result in...

CVSS 9.8 · AI score 5.8 · EPSS 0.78483
Exploits 10 · References 643
OSV
added 2023/07/11 10:15 a.m. · 4 views

CVE-2023-36748

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...

CVSS 6.8 · AI score 7.2 · EPSS 0.00209
Exploits 0 · References 1