PT-2024-38399 · Trimble · Trimble Sketchup Pro
Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Pro affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp Pro. User interaction is required to exploit this, where the...
Mercodia Feripro Security Vulnerability
Mercodia Feripro is a vacation management software from Mercodia USA. A security vulnerability exists in Mercodia Feripro 2.2.3 and earlier versions, which stems from an incorrect access control vulnerability in /admin/programm//export/statistics, which could allow a remote attacker to export an...
CVE-2024-39832
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5, 9.8.x <= 9.8.1 fail to properly safeguard an error handling which allows a malicious remote to permanently delete local data by abusing dangerous error handling, when share channels were enabled...
A vulnerability in the core of the Apache HTTP Server web server allows attackers to disclose protected information.
The vulnerability in the core of the Apache HTTP Server is related to the fact that outdated handler configurations are ignored by the “AddType” feature. Exploiting this vulnerability allows a malicious actor to disclose sensitive information remotely...
The vulnerability of the /downloadFile.php web interface of Netgear WN604 software, which allows a hacker to disclose protected information
The vulnerability of the /downloadFile.php web interface of Netgear WN604 router software lies in the insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor to disclose protected information from a remote location...
The vulnerability in the web-based client of IBM Datacap Navigator software for document collection and processing involves the use of cryptographic algorithms that contain defects, allowing attackers to decrypt confidential information.
The vulnerability of the IBM Datacap Navigator software for document collection and processing lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to decrypt confidential information remotely...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...
OpenJDK: Out-of-bounds access in 2D image handling (8324559)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1;...
OpenJDK: potential UTF8 size overflow (8314794)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....
PT-2024-27795 · Unknown · S3 Browser
Name of the Vulnerable Software and Affected Versions: S3Browser versions 10.9.9 through 11.4.5 Description: An issue in the S3 compatible storage component allows a remote attacker to obtain sensitive information. Recommendations: For versions 10.9.9 through 11.4.5, update to version 11.5.7 to...
ROS-20240704-08
A vulnerability in the curl command-line utility is related to the storage of HSTS data in a file with an excessively long name: curl can delete the entire contents of the file, causing subsequent requests that use the file to be unaware of the HSTS status they should have used...
Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce
CVE-2024-34102 POC for CVE-2024-34102 : Unauthenticated Magen...
USN-6846-1 ansible vulnerabilities
It was discovered that Ansible incorrectly handled certain inputs when using towercallback parameter. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. This issue only affecte...
CasGate Security Vulnerability
CasGate is an open source identity and access management software from the CasGate project. A security vulnerability exists in versions of CasGate prior to 0.1.0, which stems from a vulnerability that allows an unauthenticated, remote attacker to obtain sensitive information via a GET request to ...