CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

The vulnerability of the Samples component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Samples component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...

CVE-2022-23972

ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user input validation. An unauthenticated LAN attacker to inject arbitrary SQL code to read, modify and delete database...

ImpressCMS SQL注入漏洞

A SQL injection vulnerability exists in ImpressCMS, a database MySQL-driven, modular content management system, which can be exploited by attackers to read and modify sensitive information from the database used by the application...

ALF-BanCo 信任管理问题漏洞

ALF-BanCo is a home banking software from the German company ALF-BanCo. It can manage various bank accounts, Paypal accounts and many credit cards. A trust management issue vulnerability exists in ALF-BanCO version v8.2.5, which originates from hard-coding passwords to encrypt SQLite databases...

CVE-2022-25251

When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send certain XML messages to a specific port without proper authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated...

CVE-2022-24396

The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities an...

CVE-2022-25402

An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...

CVE-2022-25402

An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...

Hms 安全漏洞

HMS is a computer or web based hospital management system by Kabir Khyrul personal developer in Bangladesh. It helps in managing the operations of a hospital or any healthcare organization. There is a security vulnerability in HMS that stems from the product not effectively restricting access to...

CVE-2022-21396

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications component: Mediation Engine. Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

CVE-2022-21373

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Reseller Locator. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner...

CVE-2022-21376

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2 and 20.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2022-21272

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2022-21262

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...

SiPass integrated access control vulnerability (CNVD-2021-100378)

SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, the affected application does not adequately restrict access to the internal active synopsis database. A remote attacker could exploit the vulnerability to read, modify, or delete, among other...

CVE-2021-44523

A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...

Siemens SiPass Integrated和Siveillance Identity 安全漏洞

SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, the affected application does not adequately restrict access to the internal active synopsis database. A remote attacker could exploit the vulnerability to read, modify, or delete, among other...

CVE-2021-22279

A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port...