Lucene search
K

657 matches found

BDU FSTEC
BDU FSTEC
added 2020/02/03 12:0 a.m.3 views

The vulnerability of the Promotions component of the Oracle Retail Customer Management and Segmentation Foundation software allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Promotions component of the Oracle Retail Customer Management and Segmentation Foundation software is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access...

6.5CVSS6.8AI score0.01086EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/03 12:0 a.m.7 views

The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle iSupport web application relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data, or to unauthorizedly access protected information using the HTTPS protocol...

8.2CVSS7.4AI score0.01314EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/03 12:0 a.m.4 views

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system allows attackers to access, modify, add, or delete data, as well as gain unauthorized access to protected information.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to lack of access control. Exploiting this vulnerability could allow an attacker to modify, add, or delete data, or gain unauthorized access to protected information using the HTTPS network...

8.2CVSS7.4AI score0.01275EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/27 12:0 a.m.6 views

The vulnerability of the Infrastructure sub-component of the Oracle FLEXCUBE Universal Banking banking analytics system, a simulation-based application of Oracle Financial Services, allows a perpetrator to gain unauthorized access to protected data or compromise the integrity of protected information.

The vulnerability of the Infrastructure sub-component of the Oracle FLEXCUBE Universal Banking banking analytics system, a simulation-based application of Oracle Financial Services, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating...

7.5CVSS7.2AI score0.01123EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/27 12:0 a.m.4 views

The vulnerability of the Core component of the Oracle Banking Corporate Lending software allows a malicious actor to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Core component of the Oracle Banking Corporate Lending software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, modify, add, or delete data using the HTTP protoc...

5.5CVSS6.3AI score0.00783EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/27 12:0 a.m.5 views

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software allows a perpetrator to gain access to data modification capabilities.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...

5.5CVSS6.3AI score0.00814EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/27 12:0 a.m.7 views

The vulnerability of the Core component of the real-time payment processing software in Oracle Banking Payments allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Core component of the real-time payment processing software in Oracle Banking Payments is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using...

7.5CVSS6.6AI score0.01123EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.4 views

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software allows a hacker to disclose protected information.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to exploit the HTTP protocol...

4.3CVSS6.3AI score0.00978EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.3 views

The vulnerability of the OIM component – LDAP users and role synchronization of the Oracle Identity Manager’s identification system – allows attackers to expose protected information.

The vulnerability of the OIM component – LDAP user and role synchronization of the Oracle Identity Manager – is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP protocol...

7.8CVSS7.1AI score0.02016EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.6 views

The vulnerability of the Advanced Console identity manager component of Oracle Identity Manager allows a perpetrator to compromise data integrity or expose sensitive information.

The vulnerability of the Advanced Console controller component of Oracle Identity Manager is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to compromise data integrity or disclose sensitive information using the HTTP protocol...

5.5CVSS6.2AI score0.00814EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/01/15 5:15 p.m.5 views

CVE-2020-2675

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications component: Login. The supported version that is affected is 5.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5...

7.1CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2020/01/15 5:15 p.m.4 views

CVE-2020-2661

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Others. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport...

8.2CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2020/01/15 5:15 p.m.4 views

CVE-2020-2600

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

6.1CVSS6.6AI score0.01162EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.4 views

The vulnerability of Firefox browsers arises from the lack of a warning about mixed content when the favicon of a web page is loaded via HTTP. This allows attackers to perform spoofing attacks.

The vulnerability of Firefox browsers arises from the lack of a warning about mixed content when the favicon of a web page is loaded via HTTP. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

5.3CVSS6.9AI score0.01873EPSS
Exploits0References7Affected Software3
CNVD
CNVD
added 2019/11/29 12:0 a.m.2 views

Unspecified Vulnerability in HAProxy

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer , 7-layer proxy , and can support tens of thousands of level of connections , with high efficiency , stability and other characteristics . A security vulnerability exists in the...

9.8CVSS6.8AI score0.03955EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.3 views

The vulnerability of the Internal Operations component of the Oracle Retail Xstore Payment software allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

Vulnerability of the Internal Operations component of the Oracle Retail Xstore Payment software, with access control deficiencies. Exploitation of this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to protected information usi...

5.5CVSS6.6AI score0.00799EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2019/11/20 4:14 p.m.4 views

httpd: mod_http2: possible crash on late upgrade

A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...

4.9CVSS7AI score0.08441EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.4 views

The vulnerability of the Siebel UI Framework component of the Oracle Siebel CRM system allows a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Siebel UI Framework component of the Oracle Siebel CRM system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

5.3CVSS6.6AI score0.01553EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.4 views

The vulnerability of the BI Publisher Security sub-component of the BI Publisher reporting tool (formerly XML Publisher), a software platform of Oracle Fusion Middleware, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the BI Publisher Security sub-component of the BI Publisher reporting tool formerly XML Publisher, a software platform of Oracle Fusion Middleware, is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating...

4.3CVSS6.3AI score0.0096EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.6 views

The vulnerability of the Analytics Actions sub-component of the Oracle Business Intelligence Enterprise Edition software, which allows a malicious actor to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Analytics Actions sub-component of the Oracle Business Intelligence Enterprise Edition software component of the Oracle Fusion Middleware software platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating...

6.4CVSS6.8AI score0.00915EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder