205 matches found
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Advanced Networking Option component of Oracle...
PT-2023-3700 · Oracle +1 · Oracle Web Applications Desktop Integrator +1
Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the MS Excel Specific component of Oracle Web Applications Desktop Integrator, part of the Oracle...
CVE-2023-2284
The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxswitchdb function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers with subscriber-level or higher to make...
OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...
OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...
PT-2023-2528 · Oracle · Oracle Iprocurement +1
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the E-Content Manager Catalog component. It allows a low-privileged attacker with network access via HTTP to...
PT-2023-2632 · Oracle · Oracle Banking Virtual Account Management
Name of the Vulnerable Software and Affected Versions: Oracle Banking Virtual Account Management versions 14.5 through 14.7 Description: The issue is related to insufficient input validation in the Routing Hub subcomponent of Oracle Banking Virtual Account Management, part of Oracle Financial...
VulnCheck KEV: CVE-2023-1929
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfcpurgecachevarnishcallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access...
CVE-2020-36670
The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to...
CVE-2023-21888
Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security bypass vulnerability exists in Oracle Database Server that can be exploited ...
Oracle Java SE 安全漏洞
Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE 11.0.17, 17.0.5, 19.0.1, which can be exploited by an attacker to cause unauthorized update,...
mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: DML unspecified vulnerability (CPU Jan 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-21527
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Oracle FLEXCUBE Universal Banking 输入验证错误漏洞
Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...
CVE-2022-1300
Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service...
UBUNTU-CVE-2022-21440
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...