142 matches found
GHSA-6P4M-HW2H-6GMW Controller reconciles apps outside configured namespaces when sharding is enabled
Impact All Argo CD versions starting with 2.5.0-rc1 are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Description of exploit Reconciled Application namespaces are specified as a comma-delimited lis...
Controller reconciles apps outside configured namespaces when sharding is enabled
Impact All Argo CD versions starting with 2.5.0-rc1 are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Description of exploit Reconciled Application namespaces are specified as a comma-delimited lis...
Internet Bug Bounty: Argo CD reconciles apps outside configured namespaces when sharding is enabled
An authorization bypass vulnerability was found in Argo CD versions 2.5.0-rc1 and later, allowing a malicious user to deploy applications outside of the configured allowed namespaces when sharding is enabled. The vulnerability was triggered when an application was updated, and the controller...
Oracle Database Server (Oct 2022 CPU)
The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Database - Machine Learning Numpy component of Oracle Database Server. The supported version that ...
CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
Buffer overflow
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
CVE-2022-22240
An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Sevice Do...
Memory corruption
An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Sevice Do...
CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing, etc. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Oracle Database-Sharding...
CVE-2022-21603
CVE-2022-21603 affects Oracle Database Server, specifically the Sharding component, with 19c and 21c as affected versions. The root cause is a vulnerability in Sharding that enables a high-privilege attacker with Local Logon privilege and network access via Local Logon to compromise the Sharding ...
CVE-2022-21603
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Databas...
Oracle Database Server (Jul 2022 CPU)
The 12.1.0.2, 19c, 21c, All Supported Versions, and None versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle...
CVE-2022-21510
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...
CVE-2022-21510
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...
Buffer overflow
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...
CVE-2022-21510
CVE-2022-21510 is a vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. Affected behavior is that a low-privileged attacker with Local Logon can log in to the infrastructure where Sharding runs and compromise the component, with potential scope ...
CVE-2022-21510
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle...