The vulnerability of the UI and visualization components of the Hyperion Infrastructure Technology management system allows attackers to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the UI and visualization components of the Hyperion Infrastructure Technology management system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to modify, add, o...

The vulnerability of the IQR-Foundation component of the Oracle Hyperion BI+ service allows a intruder to gain unauthorized access to protected information.

The vulnerability of the IQR-Foundation component of the Oracle Hyperion BI+ service is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information via the HTTP network protocol...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform in the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Marketing Administration component of Oracle’s marketing platform relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete...

The vulnerability of the WebConnect component of the Oracle Hospitality Suite8 software, which allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the WebConnect component of the Oracle Hospitality Suite8 software for managing hotel resources is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information o...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform in the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Marketing Administration component of Oracle’s marketing platform relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete...

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected information through...

The vulnerability of the General component (jQuery) of the Oracle REST Data Services data service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the General component jQuery in the Oracle REST Data Services data service is related to security mechanism failures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information via the HTTP network...

The vulnerability of the Oracle Application Express Group Calendar component of the Oracle Database Server database management system allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Oracle Application Express Group Calendar component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the protected...

Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS

An HTTP detection flaw was discovered in Django. If deployed behind a reverse-proxy connecting to Django via HTTPS, django.http.HttpRequest.scheme incorrectly detected client requests made using HTTP as using HTTPS. This resulted in incorrect results for issecure and buildabsoluteuri, and HTTP...

Oracle Applications Framework Code Execution Vulnerability

Oracle Applications Framework is the United States Oracle Oracle company's a MVC-based Web development framework. A security vulnerability exists in Oracle Applications Framework product versions 12.1.3, 12.2.3 through 12.2.10, which can be exploited by an attacker accessing Oracle Applications...

IBM Oracle E-Business Suite Secure Enterprise Search Code Execution Vulnerability

IBM Oracle E-Business Suite Secure Enterprise Search is an enterprise asset search product from IBM USA. The product can search for public and private information from LANs, databases, disks, and file servers. A code execution vulnerability exists in Oracle E-Business Suite Secure Enterprise Sear...

The vulnerability of the Console component of the Oracle WebLogic Server application server, related to insufficient input validation, allows an attacker to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Console component of the Oracle WebLogic Server application lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to gain unauthorized access to read, modify, add, or delete data using the HTTP protocol...

The vulnerability of the Web Container server’s sub-component in Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. This vulnerability allows an attacker to gain unauthorized access to protected information or to read, modify, add, or delete data.

The vulnerability of the Web Container sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorize...

The vulnerability of the Environment Mgmt Console component of the Oracle PeopleSoft Enterprise PeopleTools business application, related to insufficient input data validation, allows attackers to cause system downtime, service failures, or gain read-only, edit, add, or delete access to data.

The vulnerability of the Environment Mgmt Console component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause system downtime, service failures, or gain...

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite, related to insufficient input data validation, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information using the HTTP...

The vulnerability of the Analytics Web Answers component of the Oracle Business Intelligence Enterprise Edition software allows a hacker to gain access to, modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Analytics Web Answers component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or cause a service failure...

The vulnerability of the Reporting component of the Oracle Hospitality Reporting and Analytics application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Reporting component of the Oracle Hospitality Reporting and Analytics application is related to lack of access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP...

The vulnerability of Platform and Mobile App components, which are used for automating project management processes, in Oracle Primavera Unifier allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Platform and Mobile App components of Oracle Primavera Unifier relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTPS protocol...

The vulnerability of the Layout Templates component of the Oracle BI Publisher software allows a malicious individual to gain access to read, modify, add, or delete data.

The vulnerability of the Layout Templates component in the Oracle BI Publisher reporting software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...