923 matches found
The vulnerability of the Oracle E-Business Suite system allows a perpetrator to gain unauthorized access to read data.
The vulnerability of the Oracle Application Object Library component (specifically, the Single Signoff sub-component) within the Oracle E-Business Suite automation system is related to code errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acces...
The vulnerability of the Oracle Supply Chain Management system allows a perpetrator to gain unauthorized access and read data.
The vulnerability of the Oracle Configurator component in the Oracle Supply Chain Management system is related to errors in the code. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to read data...
The vulnerability of the Oracle Fusion Middleware software allows a perpetrator to gain unauthorized access to read data.
The vulnerability of the Oracle JDeveloper component of the Oracle Fusion Middleware software is related to errors in the code. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read data...
The vulnerability of the Security SiteProtector System, a website security protection system, allows attackers to gain access to the protected information.
The vulnerability of the Security SiteProtector System security system lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor, operating locally, to gain access to protected information by reading cached data...
php: Free called on uninitialized pointer in exif.c
An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application...
Cisco Unified MeetingPlace SQL Injection Vulnerability (CNVD-2015-04162)
Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A SQL injection vulnerability exists in Cisco Unified MeetingPlace due to the program failing to properly validate user input within a SQL query. An authenticated, remote...
IBM PureApplication System Information Disclosure Vulnerability
IBM PureApplication System is a platform system designed for transactional Web and database applications. An information disclosure vulnerability exists in IBM PureApplication System, which allows remote attackers to bypass privilege checks and read sensitive information...
Unspecified Vulnerability in Oracle Supply Chain Product Suite Transportation Management Component
Oracle Transportation Management is a transportation management system. It provides transportation planning, transportation execution, and freight payment functions for shippers and third-party logistics providers. A security vulnerability exists in the Security subcomponent of the Oracle...
Unspecified Vulnerability in Oracle Supply Chain Product Suite Transportation Management Component (CNVD-2015-02605)
Oracle Transportation Management is a transportation management system. It provides transportation planning, transportation execution, and freight payment functions for shippers and third-party logistics providers. A security vulnerability exists in the Security subcomponent of the Oracle...
Xen External X86 System Device Emulation Information Disclosure Vulnerability
Xen is an open source virtual machine. Xen has a security vulnerability that allows a malicious HVM Guest to simulate reading sensitive data from other Guests via an external X86 system setting...
postgresql: CREATE INDEX race condition possibly leading to privilege escalation
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables b...
CVE-2010-1967
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors...
CVE-2010-1970
HP Insight Software Installer for Windows (pre-6.1) is affected by CVE-2010-1970. The vulnerability allows local users to read or modify data and potentially gain privileges due to an unspecified flaw in the installer component. Affected product line is HP Insight Software Installer for Windows, ...
mysql: multiple insufficient table name checks
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name...
php: exif_read_data crash on corrupted JPEG files
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...
Ubuntu Update for firefox vulnerabilities USN-690-3
Ubuntu Update for Linux kernel vulnerabilities USN-690-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN6903.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-690-3 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
Code injection
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension...
CVE-2006-5680
The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before 2006-11-08 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive that causes libarchive to skip a region past the actual end of the archive, which triggers an infinite loop tha...
CVE-2006-4353
Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors...
Ubuntu 4.10 : php4 vulnerabilities (USN-40-1)
Stefan Esser reported several buffer overflows in PHP's variable unserializing handling. These could allow an attacker to execute arbitrary code on the server with the PHP interpreter's privileges by sending specially crafted input strings (form data, cookie values, and similar). Additionally, Ilia...