The vulnerability of the Application Service Level Mgmt component of the Enterprise Manager Base Platform allows attackers to access data for modification, addition, or deletion, gain unauthorized access to protected information, or cause service failures.
The vulnerability of the Application Service Level Mgmt component of the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, gain unauthorized access to protected...
CVE-2019-11587
Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote attackers to modify various settings via cross-site request forgery (CSRF)...
The vulnerability affects the implementation of the Smart Class class in the software for managing Red Hat Satellite systems, as well as the Foreman application for managing, configuring, and monitoring servers. This allows a malicious individual to modify the configuration files.
The vulnerability of the Smart Class class implementation in the software for managing Red Hat Satellite systems, as well as the Foreman management, configuration, and monitoring application, is related to improper authentication. Exploiting this vulnerability allows a malicious actor to remotely...
Code injection
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
CVE-2019-10966 affects GE Aestiva and Aespire anesthesia devices (7100/7900) where serial ports are extended to TCP/IP via an unsecured terminal server. The root cause is improper authentication, enabling remote modification of device configuration and silencing of alarms without user interaction. The IC...
The vulnerability of the Attachments sub-component of the Oracle iSupplier Portal component in the Oracle E-Business Suite system allows a malicious individual to access data for modification, addition, or deletion.
The vulnerability of the Attachments sub-component of the Oracle iSupplier Portal component in the Oracle E-Business Suite enterprise automation system is related to lack of access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify,...
The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system, which is used for automating business operations, allows a malicious individual to modify protected data.
The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system, a business automation solution, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...
CVE-2019-8408
OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice...
Microstrategy Analytics Cross-Site Request Forgery Vulnerability
Microstrategy Analytics is a suite of enterprise data analytics platforms from Microstrategy, Inc. in the United States. The platform features data discovery, data visualization and report generation. A cross-site request forgery vulnerability exists in the main.aspx file in Microstrategy Analyti...
Unspecified Vulnerability in Oracle Database Server (CNVD-2018-24128)
Oracle Database Server is a relational database management system from Oracle, United States. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Text component of Oracle Database Server version...
Design/Logic Flaw
HPE has addressed a remote arbitrary file modification vulnerability in HPE enhanced Internet Usage Manager eIUM v9.0FP1 with the cumulative patch for v9.0FP1 - eIUM90FP01XXX.YYYYMMDD-HHMM...
The vulnerability of the embedded web-server software module of the APC MGE SNMP/Web Card Transverse 66074 allows an intruder to modify the device’s settings.
The vulnerability of the embedded web-server-based microprogramming software module for managing uninterruptible power supplies, the APC MGE SNMP/Web Card Transverse 66074, is caused by authentication errors. Exploiting this vulnerability could allow a malicious actor to remotely alter device...
CVE-2018-7308
A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account...
CVE-2017-5108
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file...
CVE-2017-5108
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file...
CVE-2017-5094
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page...
UBUNTU-CVE-2017-5108
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file...
chromium-browser: type confusion in extensions
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page...
Easy File Sharing FTP Server Directory Traversal Vulnerability
EFS Software Easy File Sharing FTP Server is an easy-to-use and powerful FTP Server software from EFS Software, Netherlands. A directory traversal vulnerability exists in Easy File Sharing FTP Server, which stems from a failure to adequately validate user input. A remote attacker could utilize a...