657 matches found
The vulnerability of the Oracle PeopleSoft Enterprise PeopleTools Application Server component of the Oracle PeopleSoft products allows a perpetrator to gain full control over the application.
The vulnerability of the Oracle PeopleSoft Enterprise PeopleTools Application Server component of the Oracle PeopleSoft products is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain full control over the application using the HTTP protocol...
The vulnerability of the Enterprise Resource Management System “Galaktika ERP” is related to deficiencies in the implementation of the browser interaction protocol and the IIS service, allowing a hacker to execute arbitrary code.
The vulnerability of the GALAXY ERP resource management system is related to deficiencies in the implementation of the browser interaction protocol and the IIS service of GALAXY ERP. Exploiting this vulnerability allows an attacker to execute arbitrary JavaScript code in the client browser when t...
CVE-2019-2474
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2019-2457
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2018-0703
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests...
ALPINE-CVE-2018-16844
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngxhttpv2module not compiled by default if the 'http2' option of the 'listen' directive is used in a configuration file...
Apple macOS AFP Server Attack Vulnerability
macOS is Apple's proprietary operating system for the Mac line of products. An AFP server attack vulnerability exists in afpserver in Apple macOS Sierra 10.12.6, macOS High Sierra 10.13.6. A remote attacker can exploit this vulnerability to attack the AFP server via an HTTP client...
CVE-2018-3301
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-8479
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK...
The vulnerability of the Integration Broker component in the PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Integration Broker component in the PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data...
The vulnerability of the Script Author component in the scripting software for creating and processing scripts allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Script Author component in the scripting software for creating and processing scripts is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...
The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...
The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or...
The vulnerability of the library for working with SVG images in Apache Batik, related to the restoration of unreliable data structures in memory, allows attackers to gain access to protected data or cause service failures.
The vulnerability of the Apache Batik library for working with SVG images is related to the restoration of a dubious data structure in memory the “AbstractDocument” class. Exploiting this vulnerability could allow an attacker to gain access to protected data or cause service failures using the HT...
The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, allows a hacker to gain full control over the application.
The vulnerability of the Map Builder component of the Fusion Middleware data visualization software, MapViewer, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protoco...
CVE-2018-3045
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker wi...
redis-srvr code execution vulnerability
redis-srvr is a package for downloading and installing Redis. A security vulnerability exists in redis-srvr that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...
cmake Remote Code Execution Vulnerability
cmake is a set of open source, cross-platform tools for building, testing and packaging software . A security vulnerability exists in cmake that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the...
jstestdriver Remote Code Execution Vulnerability
jstestdriver is a JavaScript code testing , running tools. A security vulnerability exists in jstestdriver that originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested binary with an...
Slimerjs-edge Remote Code Execution Vulnerability
slimerjs-edge is a scriptable browser for web development and testing. A security vulnerability exists in slimerjs-edge that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...