380 matches found
EMC ECS S3 Authentication Bypass Vulnerability
Dell EMC Elastic Cloud Storage ECS is an object storage application designed for traditional and next-generation workloads. An authentication bypass vulnerability exists in Dell EMC ECS versions 3.2.0.0 and 3.2.0.1, which can be exploited by a remote, unauthenticated attacker to read and modify S...
IBM Security Guardium Big Data Intelligence Critical Resource Privilege Assignment Vulnerability
IBM Security Guardium Big Data Intelligence is a solution that delivers the capabilities of a big data platform while meeting data security requirements. IBM Security Guardium Big Data Intelligence SonarG suffers from an incorrect assignment of critical resource permissions vulnerability. An...
CVE-2018-1370
IBM Security Guardium Big Data Intelligence SonarG 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 137769...
CVE-2018-2876
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications subcomponent: RIB KernalApache Commons Collections. The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...
CVE-2018-2857
Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: HTTP data path subsystems. The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2018-2821
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Rich Text Editor. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-2738
Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-14465
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...
CVE-2018-2571
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications subcomponent: Portal. Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2018-2659
Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime SEC. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2017-10413
Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite subcomponent: Multiplatform Based on HTML5. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...
CVE-2017-10367
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2017-10161
Vulnerability in the Oracle Engineering Data Management component of Oracle Supply Chain Products Suite subcomponent: Web Services Security. Supported versions that are affected are 6.1.3.0 and 6.2.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2017-10078 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). (BSA-2017-403)
Security Advisory ID: BSA-2017-403 Component: Java Revision : 3.0: Final Vulnerability in the Java SE component of Oracle Java SE subcomponent: Scripting. The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low-privileged attacker with network access...
CVE-2017-10249
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Integration Broker. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2017-10206
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications subcomponent: Engagement. The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...
CVE-2017-10145
Vulnerability in the Java Advanced Management Console component of Oracle Java SE subcomponent: Server. The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2017-10049
Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core CRM. Successful attacks require...
CVE-2017-10030
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...
CVE-2017-10024
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Layout Tools. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...