205 matches found
Oracle Financial Services Applications 输入验证错误漏洞
Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The products include core banking, online banking, and estate management.FLEXCUBE Universal Banking is one of the Internet and mobile banking solution components. A security vulnerability exists in...
Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to
...
OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerabili...
AZL-7694 CVE-2022-21278 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Oracle Construction and Engineering Suite 安全漏洞
Oracle Construction and Engineering Suite is a portfolio management solution suite product for construction projects from Oracle Corporation. A security vulnerability exists in Oracle Construction and Engineering Suite's Primavera Portfolio Management product that could allow an attacker with...
Oracle Java SE和Oracle GraalVM 输入验证错误漏洞
Oracle Java SE, an Oracle company, is used to develop and deploy Java applications on desktops, servers, and embedded devices and in real-time environments. Edition accessible data for unauthorized update, insert, or delete access...
AZL-6712 CVE-2021-35610 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
AZL-6697 CVE-2021-2356 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.
The vulnerability of Oracle Marketing’s Marketing Administration component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to gain full control over the application using the HTTP protocol...
CVE-2021-2140
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Rules Framework. Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite.Oracle Universal...
Oracle Solaris 安全漏洞
Oracle Solaris is a UNIX operating system from Oracle. Oracle Solaris Kernel 11 contains a security vulnerability that can be exploited by an attacker to compromise Oracle Solaris by logging on to the infrastructure that executes Oracle Solaris. resulting in the unauthorized ability to cause Orac...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite.Oracle Landed Cos...
Oracle E-Business Suite Oracle Customers Online 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite. Oracle Customers...
The vulnerability of the Oracle Application Express Opportunity Tracker application, related to deficiencies in access control, allows an attacker to gain access to modify, add, or delete data.
The vulnerability of the Oracle Application Express Opportunity Tracker sales management application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or delete data using the HTTP protocol...
mysql: InnoDB unspecified vulnerability (CPU Jul 2019)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2020-14802
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
UBUNTU-CVE-2020-14853
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: NDBCluster Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...
mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.017 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...