Lucene search
K

660 matches found

CNNVD
CNNVD
added 2021/04/20 12:0 a.m.5 views

Oracle Cloud Infrastructure Storage Gateway 安全漏洞

Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows a highly privileged attacker accessed over an HTTP network to compromi...

9.1CVSS8.3AI score0.01074EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/02/11 1:51 p.m.42 views

tomcat: Apache Tomcat HTTP/2 Request mix-up

A flaw was found in Apache Tomcat. If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it is possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - fro...

4.3CVSS7.1AI score0.57286EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/02/11 12:0 a.m.7 views

The vulnerability of the BI Platform Security component of the Oracle Business Intelligence Enterprise Edition software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the BI Platform Security component of the Oracle Business Intelligence Enterprise Edition is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using...

4.7CVSS6.7AI score0.0135EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/02/05 11:2 a.m.3 views

OESA-2021-1032 varnish security update

This is Varnish Cache, a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 - 1000x,...

7.8CVSS7AI score0.05789EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.7 views

The vulnerability of the Web interface component of the Oracle iStore system, a system for creating, managing, and personalizing online stores, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web interface component of the Oracle iStore system for creating, managing, and personalizing e-commerce stores is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information using t...

5.3CVSS6.6AI score0.012EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.7 views

The vulnerability of the Dialog Box component of the application’s technical maintenance, repair, and major equipment overhauls allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete data permissions.

The vulnerability of the Dialog Box component in application maintenance, repair, and major equipment overhauls related to Oracle Complex Maintenance, Repair, and Overhaul lies in deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

8.2CVSS7.7AI score0.01255EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

9.4CVSS7.8AI score0.01511EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.5 views

The vulnerability of the Message Display component of the Oracle Email Center software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Worklist component of the Oracle Workflow system allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Worklist component of the Oracle Workflow system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information, or to modify, add, or delete data using the HTTP...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.5 views

The vulnerability of the Oracle Application Express Opportunity Tracker application, related to deficiencies in access control, allows an attacker to gain access to modify, add, or delete data.

The vulnerability of the Oracle Application Express Opportunity Tracker sales management application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or delete data using the HTTP protocol...

5.4CVSS6.6AI score0.0069EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.4 views

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.3 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...

9CVSS7.7AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.7 views

The vulnerability of component E1 in the IOT Orchestrator Security application of JD Edwards EnterpriseOne allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of component E1 in the JD Edwards EnterpriseOne Orchestrator Security application relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

5.8CVSS6.8AI score0.01361EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the E-Business Suite component – XDO, a software tool for creating reports with Oracle BI Publisher – allows an intruder to gain unauthorized access to protected information. This enables the intruder to read, modify, add, or delete data, or to cause service interruptions.

The vulnerability of the E-Business Suite component – XDO, a software tool for creating reports in Oracle BI Publisher – is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information, read, modify, add, or...

8CVSS7.5AI score0.011EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.9 views

The vulnerability of the Runtime Catalog component of the Oracle iStore system, a system for creating, managing, and personalizing online stores, allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Runtime Catalog component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acce...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.5 views

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...

8.2CVSS7.7AI score0.01179EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2094

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Print Server. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

8.2CVSS7.3AI score0.01169EPSS
Exploits0References1
Circl
Circl
added 2021/01/16 12:51 a.m.7 views

CVE-2021-21246

creationtimestamp| type| source ---|---|--- 2021-01-16 00:51:29+00:00| seen| https://t.me/cibsecurity/22235 2026-01-23 07:58:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-21246.yaml 2026-01-24 21:03:01+00:00| seen|...

8.6CVSS7.3AI score0.49051EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/11/13 12:0 a.m.6 views

The vulnerability of the E-Business Suite component – XDO, a reporting tool from Oracle BI Publisher – allows a malicious individual to gain access to modify, add, or delete data.

The vulnerability of the E-Business Suite component XDO in the Oracle BI Publisher reporting tool is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protocol...

8.5CVSS7.7AI score0.01282EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/13 12:0 a.m.6 views

The vulnerability of the Installation component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Installation component of the Oracle Business Intelligence Enterprise Edition software lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP...

7.8CVSS7.5AI score0.97233EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder