96 matches found
CVE-2021-37734
A remote unauthorized read access to files vulnerability was discovered in Aruba Instant versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 a...
mysql: Information Schema unspecified vulnerability (CPU Jan 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
CVE-2021-2032
Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
mysql: C API unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
mysql: C API unspecified vulnerability (CPU Jan 2021)
Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
PT-2020-4501
Name of the Vulnerable Software and Affected Versions Java SE versions 7u271, 8u261, 11.0.8, and 15 Java SE Embedded version 8u261 Description The issue is related to insufficient input validation in the JNDI component of Java SE and Java SE Embedded. It allows an unauthenticated attacker with...
mysql: C API unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
The vulnerability of the application policy configuration of Cisco Firepower Threat Defense allows a attacker to gain read access to data.
The vulnerability of Cisco Firepower Threat Defense’s application policy configuration is related to lack of access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read-only access to data by creating traffic on the vulnerable device...
UBUNTU-CVE-2020-8021
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...
UBUNTU-CVE-2019-2922
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
UBUNTU-CVE-2019-2894
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
PT-2022-5171 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.39 and prior MySQL Server versions 8.0.16 and prior Description: The issue exists due to insufficient input validation in the MySQL Server component, specifically in the Security: Privileges subcomponent. This allows...
CVE-2019-2846
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows...
CVE-2019-2704
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: IPS Package Manager. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Solaris. Successfu...
CVE-2019-2586
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: RemoteCall. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
DEBIAN-CVE-2018-3157
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Sound. The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...
CVE-2018-15697
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path. For example, /home/admin/.ashhistory...