Lucene search
K

657 matches found

BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.9 views

The vulnerability of the Oracle PeopleSoft Enterprise PeopleTools Application Server component of the Oracle PeopleSoft products allows a perpetrator to gain full control over the application.

The vulnerability of the Oracle PeopleSoft Enterprise PeopleTools Application Server component of the Oracle PeopleSoft products is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain full control over the application using the HTTP protocol...

9CVSS7.6AI score0.01876EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/17 12:0 a.m.4 views

The vulnerability of the Enterprise Resource Management System “Galaktika ERP” is related to deficiencies in the implementation of the browser interaction protocol and the IIS service, allowing a hacker to execute arbitrary code.

The vulnerability of the GALAXY ERP resource management system is related to deficiencies in the implementation of the browser interaction protocol and the IIS service of GALAXY ERP. Exploiting this vulnerability allows an attacker to execute arbitrary JavaScript code in the client browser when t...

5.4CVSS5.9AI score
Exploits0Affected Software1
OSV
OSV
added 2019/01/16 7:30 p.m.4 views

CVE-2019-2474

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

7.5CVSS7.1AI score0.02052EPSS
Exploits0References2
OSV
OSV
added 2019/01/16 7:30 p.m.1 views

CVE-2019-2457

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS6.3AI score0.01879EPSS
Exploits0References2
OSV
OSV
added 2019/01/09 11:29 p.m.3 views

CVE-2018-0703

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests...

7.5CVSS5.9AI score0.01947EPSS
Exploits0References2
OSV
OSV
added 2018/11/07 2:29 p.m.5 views

ALPINE-CVE-2018-16844

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngxhttpv2module not compiled by default if the 'http2' option of the 'listen' directive is used in a configuration file...

7.5CVSS6.9AI score0.124EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/02 12:0 a.m.2 views

Apple macOS AFP Server Attack Vulnerability

macOS is Apple's proprietary operating system for the Mac line of products. An AFP server attack vulnerability exists in afpserver in Apple macOS Sierra 10.12.6, macOS High Sierra 10.13.6. A remote attacker can exploit this vulnerability to attack the AFP server via an HTTP client...

9.8CVSS8.8AI score0.01351EPSS
Exploits0References1
OSV
OSV
added 2018/10/17 1:31 a.m.2 views

CVE-2018-3301

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS7.3AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/09/13 12:29 a.m.5 views

CVE-2018-8479

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK...

5.6CVSS5.8AI score0.02131EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/08/17 12:0 a.m.7 views

The vulnerability of the Integration Broker component in the PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Integration Broker component in the PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data...

7.4CVSS7.8AI score0.02184EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.5 views

The vulnerability of the Script Author component in the scripting software for creating and processing scripts allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Script Author component in the scripting software for creating and processing scripts is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

8.2CVSS7.7AI score0.02024EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.8 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...

7.1CVSS7.8AI score0.02336EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.4 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...

8.5CVSS7.8AI score0.01769EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/08/10 12:0 a.m.5 views

The vulnerability of the library for working with SVG images in Apache Batik, related to the restoration of unreliable data structures in memory, allows attackers to gain access to protected data or cause service failures.

The vulnerability of the Apache Batik library for working with SVG images is related to the restoration of a dubious data structure in memory the “AbstractDocument” class. Exploiting this vulnerability could allow an attacker to gain access to protected data or cause service failures using the HT...

7.5CVSS7.8AI score0.19523EPSS
Exploits0References9Affected Software11
BDU FSTEC
BDU FSTEC
added 2018/08/03 12:0 a.m.8 views

The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, allows a hacker to gain full control over the application.

The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protoco...

9.8CVSS7.8AI score0.02226EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-3045

Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...

5.4CVSS7.3AI score0.01236EPSS
Exploits0References3
CNVD
CNVD
added 2018/06/15 12:0 a.m.3 views

redis-srvr code execution vulnerability

redis-srvr is a package for downloading and installing Redis. A security vulnerability exists in redis-srvr that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/15 12:0 a.m.1 views

cmake Remote Code Execution Vulnerability

cmake is a set of open source, cross-platform tools for building, testing and packaging software . A security vulnerability exists in cmake that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the...

9.3CVSS8.1AI score0.02104EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/15 12:0 a.m.1 views

jstestdriver Remote Code Execution Vulnerability

jstestdriver is a JavaScript code testing , running tools. A security vulnerability exists in jstestdriver that originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested binary with an...

9.3CVSS8.1AI score0.01682EPSS
Exploits0References1
CNVD
CNVD
added 2018/06/15 12:0 a.m.2 views

Slimerjs-edge Remote Code Execution Vulnerability

slimerjs-edge is a scriptable browser for web development and testing. A security vulnerability exists in slimerjs-edge that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...

9.3CVSS8AI score0.01752EPSS
Exploits0References1
Rows per page
Query Builder