485 matches found
VulnCheck KEV: CVE-2024-13981
LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co., Ltd., contains an arbitrary file upload vulnerability in its UploadFile.do;.js.jsp endpoint. This flaw affects the LiveBOS Server component and allows unauthenticated remote attackers to upload...
PT-2024-5833 · Hitachi · Hitachi Device Manager
Name of the Vulnerable Software and Affected Versions: Hitachi Device Manager versions prior to 8.8.7-00 Description: The issue is related to an Unquoted Executable Path vulnerability in the Hitachi Device Manager on Windows, specifically affecting the Device Manager Server component. This...
Vulnerability of the Server: DML component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Vulnerability of the Server: DML component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
Vulnerability of the Server: Data Dictionary component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Server: Data Dictionary component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...
CVE-2024-26219
HTTP.sys Denial of Service Vulnerability...
CVE-2024-24683 Apache Hop Engine: ID isn't escaped when generating HTML
Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...
mysql: Server: DML unspecified vulnerability (CPU Apr 2024)
A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...
K000138704: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...
PT-2024-20319 · Cellinx · Cellinx Nvt Web Server
Name of the Vulnerable Software and Affected Versions: Cellinx NVT Web Server version 5.0.0.014 Description: An issue in the component /cgi-bin/GetJsonValue.cgi allows attackers to leak configuration information via a crafted POST request to the "GetJsonValue.cgi" endpoint. Recommendations: For...
CVE-2024-1262
A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument picurl leads to unrestricted...
Vulnerability of the Server: Security: Privileges component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Security: Privileges component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to cause service interruptions...
Design/Logic Flaw
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files. This issue affects Hitachi Tuning Manager: before 8.8.5-04...
Tenda RX9 Pro Buffer Overflow Vulnerability
The Tenda RX9 Pro is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda RX9 Pro version v22.03.02.20, which originates from a failure to properly validate the length and size of incoming data in the HTTP server component, and can be exploited by a...
Vulnerability of the Server: UDF component of the Oracle MySQL Server database management system, which allows attackers to perform DoS attacks.
The vulnerability of the Server: UDF component of the Oracle MySQL Server database management system is related to improper resource cleanup. Exploiting this vulnerability can allow a malicious actor to carry out a denial-of-service (DoS) attack...
Zabbix Security Vulnerabilities
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix that stems from a security flaw in the Proxy, Server component that allows an attacker with...
CVE-2023-1832 Improper authorization check in the server component
An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant...
Vulnerability of the Server: Replication component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Replication component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2023-35298
HTTP.sys Denial of Service Vulnerability...