The vulnerability of the Attachments component of the Oracle Document Management and Collaboration software, which allows a hacker to access, create, modify, or delete data.

The vulnerability of the Attachments component of the Oracle Document Management and Collaboration software lies in insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to the ability to create, modify, or delete data using the HTTP protocol...

The vulnerability of the Resource Exceptions component in the Oracle Work in Process production management system allows a attacker to disclose protected information or gain access to create, modify, or delete data.

The vulnerability of the Resource Exceptions component in the Oracle Work in Process production management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information or gain access to the ability to create,...

UBUNTU-CVE-2021-28662

An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic...

The vulnerability of the Core component of the Oracle Advanced Supply Chain Planning application allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Core component of the Oracle Advanced Supply Chain Planning application relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information or to modify, add, or...

The vulnerability of the Security component in the Oracle PeopleSoft Enterprise PeopleTools business application package allows a hacker to gain full control over the application.

The vulnerability of the Security component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain full control over the application using the HTTP protocol...

The vulnerability of the Documents component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain access to update, modify, or delete data.

The vulnerability of the Documents component in the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to update, modify, or delete data using the HTTP protocol...

The vulnerability of the Health Center component in the Oracle PeopleSoft Enterprise PT PeopleTools business application suite allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Health Center component in the Oracle PeopleSoft Enterprise PT PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility...

The vulnerability of the Management Console component in the Oracle Cloud Infrastructure Storage Gateway allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Management Console component in Oracle Cloud Infrastructure Storage Gateway is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information throu...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of Oracle Marketing’s Marketing Administration component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to gain full control over the application using the HTTP protocol...

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

The vulnerability of the Home Page component of the Oracle Applications Framework allows a perpetrator to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Home Page component of the Oracle Applications Framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data, or to gain full control over the applicati...

CVE-2021-31166

HTTP Protocol Stack Remote Code Execution Vulnerability...

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, o...

CVE-2021-2257

Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

Oracle Cloud Infrastructure Storage Gateway 安全漏洞

Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows a highly privileged attacker accessed over an HTTP network to compromi...

tomcat: Apache Tomcat HTTP/2 Request mix-up

A flaw was found in Apache Tomcat. If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it is possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - fro...

The vulnerability of the BI Platform Security component of the Oracle Business Intelligence Enterprise Edition software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the BI Platform Security component of the Oracle Business Intelligence Enterprise Edition is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using...

OESA-2021-1032 varnish security update

This is Varnish Cache, a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x,...