The vulnerability of the Close Manager component of the Oracle Hyperion Financial Close Management application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Close Manager component of the Oracle Hyperion Financial Close Management application exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain access to the ability to modify, add, or delete data...

The vulnerability of the Security component of the Oracle AutoVue data visualization application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Security component of the Oracle AutoVue data visualization application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

The vulnerability of the Diagnostics sub-component of the Oracle Application Object Library in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Diagnostics sub-component of the Oracle Application Object Library in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP...

The vulnerability of the Investor Module component of the Primavera Portfolio Management software, a software solution for automating management processes in production operations, allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Investor Module component of Primavera Portfolio Management software exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected...

The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely access and modify,...

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to...

PT-2020-3242 · Oracle · Oracle Database

Name of the Vulnerable Software and Affected Versions: Oracle Database - Enterprise Edition versions 12.1.0.2, 12.2.0.1, 18c, and 19c Description: The issue exists due to insufficient input validation in the Oracle Database - Enterprise Edition component of Oracle Database Server. This allows a...

The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a part of the Oracle E-Business Suite, allows an intruder to access, modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Diagnostics component of the Oracle Applications Framework, a part of the Oracle E-Business Suite, relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

The vulnerability of the Project Manager component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Project Manager component of the Oracle Primavera P6 Enterprise Project Portfolio Management application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...

OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

The vulnerability of the Database Gateway for ODBC component in the Oracle Database Server database management system allows a hacker to gain access to modify, add, or delete data, or to cause partial service interruption.

The vulnerability of the Oracle Database Server ODBC driver’s database server lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or cause a partial service failure using the OracleNet network protocol...

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component allows a hacker to gain access to modify, add, or delete data.

The vulnerability of Oracle Java SE and Java SE Embedded software’s Networking component exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data remotely...

The vulnerability of the Message Hooks component of Oracle CRM’s customer relationship management system allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Message Hooks component in Oracle CRM Technical Foundation’s customer relationship management system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data using the...

The vulnerability of the Connector Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to gain unauthorized access to protected information, or to cause service failures.

The vulnerability of the Connector Framework component of the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, gain unauthorized access to protected information...

The vulnerability of the Event Management component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to gain unauthorized access to protected information, or to cause service failures.

The vulnerability of the Event Management component of the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, gain unauthorized access to protected information, o...

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software allows a perpetrator to gain access to data modification capabilities.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...

CVE-2020-2541

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications software package allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or gain unauthorized access to...

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications software package allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or gain unauthorized access to...