1388 matches found

BDU FSTEC
added 2019/11/11 12:0 a.m. | 5 views

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to disclose protected information.

The vulnerability of the Core RDBMS component of the database management system, Oracle Database Server, is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

CVSS 5 | AI score 6.8 | EPSS 0.01129
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2019/11/11 12:0 a.m. | 5 views

The vulnerability of the US Federal Specific sub-component of the PeopleSoft Enterprise HCM Human Resources package from Oracle PeopleSoft Products allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the US Federal Specific sub-component of the PeopleSoft Enterprise HCM Human Resources package from Oracle PeopleSoft Products is related to inadequate access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

CVSS 4.3 | AI score 6.4 | EPSS 0.01129
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2019/11/11 12:0 a.m. | 5 views

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications software package allows a perpetrator to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or gain unauthorized access to...

CVSS 8.1 | AI score 7.7 | EPSS 0.01573
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2019/11/11 12:0 a.m. | 7 views

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications software package allows a perpetrator to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Oracle Hospitality Reporting and Analytics component in the Oracle Food and Beverage Applications suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or gain unauthorized access to...

CVSS 8.5 | AI score 7.7 | EPSS 0.01366
Exploits: 0 | References: 3 | Affected Software: 1

CNVD
added 2019/11/08 12:0 a.m. | 2 views

Adobe ColdFusion RDS Authentication Bypass Vulnerability

Adobe ColdFusion is a dynamic Web server with CFML (ColdFusion Markup Language), a programming language. An authentication bypass vulnerability exists in Adobe ColdFusion RDS, which arises from a lack of authentication measures or insufficient authentication strength in a networked system or produc...

AI score 7
Exploits: 0 | References: 1

BDU FSTEC
added 2019/11/04 12:0 a.m. | 5 views

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component of the Oracle E-Business Suite allows a perpetrator to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

CVSS 8.5 | AI score 5.5 | EPSS 0.01494
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2019/10/29 12:0 a.m. | 4 views

The vulnerability of the audioflinger component in the Android operating system allows a hacker to disclose protected information.

The vulnerability of the audioflinger component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

CVSS 5.5 | AI score 5.4 | EPSS 0.00366
Exploits: 0 | References: 2 | Affected Software: 1

CNVD
added 2019/10/21 12:0 a.m. | 3 views

CloudBees Jenkins Google Kubernetes Engine Plugin Permission Check Missing Vulnerability

CloudBees Jenkins is a set of Java-based continuous integration tools. The CloudBees Jenkins Google Kubernetes Engine Plugin has a security vulnerability that remote attackers can exploit by submitting a special request that can be used to obtain...

CVSS 4.3 | AI score 6.7 | EPSS 0.00691
Exploits: 0 | References: 1

RedhatCVE
added 2019/10/16 6:22 p.m. | 25 views

CVE-2019-13683

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 6.5 | AI score 3 | EPSS 0.00877
Exploits: 0 | References: 4

BDU FSTEC
added 2019/10/03 12:0 a.m. | 4 views

The vulnerability of the DirectWrite programming interface in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially crafted document or web page...

CVSS 7.8 | AI score 5.5 | EPSS 0.12096
Exploits: 1 | References: 2

OSV
added 2019/09/27 7:15 p.m. | 5 views

CVE-2019-9399

The Print Service is susceptible to man-in-the-middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-11563566...

CVSS 5.9 | AI score 6.8 | EPSS 0.00442
Exploits: 0 | References: 1

OSV
added 2019/09/27 7:15 p.m. | 3 views

CVE-2019-9353

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-123024201...

CVSS 6.5 | AI score 7 | EPSS 0.00732
Exploits: 0 | References: 1

RedHat Linux
added 2019/09/03 12:27 a.m. | 3 views

OpenJDK: Missing URL format validation (Networking, 8221518)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVSS 5.8 | AI score 7.3 | EPSS 0.02296
Exploits: 0 | References: 4

The Hacker News
added 2019/08/30 9:37 a.m. | 1 views

Ransomware Hits Dental Data Backup Service Offering Ransomware Protection

THIS WEEK IN THE IRONIC NEWS: DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware. Provided by two...

AI score 6.7
Exploits: 0

Tenable Nessus
added 2019/08/30 12:0 a.m. | 47 views

CentOS 7 : gvfs (CESA-2019:2145)

An update for gvfs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7 | AI score 7.2 | EPSS 0.00368
Exploits: 0 | References: 2

CNVD
added 2019/08/21 12:0 a.m. | 1 views

IBM Security Guardium Big Data Intelligence XML External Entity Injection Vulnerability

IBM Security Guardium Big Data Intelligence (SonarG) is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. An XML external entity injection vulnerability exists in IBM...

CVSS 8.2 | AI score 6.9 | EPSS 0.02427
Exploits: 0 | References: 1

CNVD
added 2019/08/09 12:0 a.m. | 2 views

IBM Business Process Manager and IBM Business Automation Workflow XML External Entity Injection Vulnerability

IBM Business Process Manager (BPM) and IBM Business Automation Workflow are both products of IBM Corporation, U.S.A. IBM Business Process Manager is a comprehensive business process management platform. The platform provides a series of related tools for business process modeling, assembly,...

CVSS 8.2 | AI score 7 | EPSS 0.02427
Exploits: 0 | References: 1

BDU FSTEC
added 2019/08/08 12:0 a.m. | 7 views

The vulnerability of the ComplexImage function (MagickCore/fourier.c) in the ImageMagick console-based graphics editor allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ComplexImage function in the ImageMagick console-based graphics editor (MagickCore/fourier.c) is related to the execution of operations beyond the buffer’s boundaries. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its...

CVSS 8.8 | AI score 8 | EPSS 0.02731
Exploits: 1 | References: 12 | Affected Software: 2

Node.js
added 2019/08/07 4:58 p.m. | 9 views

Malicious Package

Overview: Version 1.1.3 of pensi-scheduler contained malicious code. The code, when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=
Recommendation: Remove the package from your environment. It's...

AI score 7
Exploits: 0 | Affected Software: 1

CNVD
added 2019/08/06 12:0 a.m. | 2 views

IBM Intelligent Operations Center XML External Entity Injection Vulnerability

IBM Intelligent Operations Center (IOC) is a suite of city operations solutions from IBM in the United States. The product features data visualization and real-time collaboration. An XML external entity injection vulnerability exists in IBM IOC, which can be exploited by remote attackers to disclos...

CVSS 8.2 | AI score 7 | EPSS 0.02427
Exploits: 0 | References: 1