923 matches found
The vulnerability of the command-line interface of the Cisco FXOS operating system allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the command-line interface of the Cisco FXOS operating system is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...
The vulnerability of the exif_read_data function in the PHP programming language allows attackers to disclose protected information or cause service failures.
The vulnerability of the exif_read_data function in the PHP programming language lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to disclose protected information or cause service failures...
The vulnerability of the exif_read_data function in the PHP programming language, related to reading beyond the buffer boundaries, allows attackers to disclose protected information or cause service failures.
The vulnerability of the exif_read_data function in the PHP programming language arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause service failures...
PT-2020-1802 · Microsoft · Sharepoint Server
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server (affected versions not specified). Description: A cross-site scripting (XSS) issue exists due to improper sanitization of specially crafted web requests. This could allow a remote attacker to perform cross-site scriptin...
PT-2020-2411 · Php +8 · Php +8
Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x below 7.2.9; PHP versions 7.3.x below 7.3.16; PHP versions 7.4.x below 7.4.4. Description: The issue is related to the exif_read_data function in PHP, which can cause the language to read one byte of uninitialized memory while...
The vulnerability of the sub-component of the Infrastructure component of the Oracle FLEXCUBE Universal Banking banking analytics system, a simulation modeling application of Oracle Financial Services, allows a perpetrator to gain access to read data or modify data.
The vulnerability of the Infrastructure sub-component of the Oracle FLEXCUBE Universal Banking component, a banking analytics system for simulation-based modeling by Oracle Financial Services Applications, is related to the lack of protection for operational data. Exploiting this vulnerability...
CVE-2020-2710
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payment...
CVE-2020-2687
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2649
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Internal Operations. The supported version that is affected is 16.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure...
CVE-2020-2650
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Promotions. The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
CVE-2020-2635
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: System Monitoring. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
CVE-2020-2602
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Tree Manager. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2600
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2538
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: Advanced UI. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites...
CVE-2020-2534
Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2019-11050
When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information disclosure o...
PT-2019-4739 · Php +7 · Php +7
Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.25; PHP versions 7.3.x through 7.3.12; PHP version 7.4.0. Description: The issue is related to the PHP EXIF extension when parsing EXIF information from an image, for example, via the exif_read_data function. It is...
Microsoft SQL Server Reporting Services Cross-Site Scripting Vulnerability
Microsoft SQL Server Reporting Services is a server-based reporting platform. A cross-site scripting vulnerability exists in Microsoft SQL Server Reporting Services that originates from the program failing to properly clean up a specially crafted web request. A remote attacker could exploit the...
The vulnerability of the archive_read_format_rar_read_data function in the archive_read_support_format_rar.c module of the libarchive library allows a hacker to cause a service failure.
The vulnerability of the archive_read_format_rar_read_data function in the archive_read_support_format_rar.c file of the libarchive library is related to the use of memory after its release. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to read, modify, or delete data, or to cause a service failure.
The vulnerability of the Core RDBMS component of the database management system Oracle Database Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data, or cause service interruptions through...