640 matches found
CVE-2014-8115
The default authorization constrains in KIE Workbench 6.0.x allows remote authenticated users to read or write to arbitrary files, bypass intended access restrictions, and possibly have other unspecified impact via unknown vectors...
Workbench: Insufficient authorization constraints
It was discovered that the default authorization constrains applied on servelets deployed in the KIE Workbench application were insufficient. A remote, authenticated user without sufficient privileges could use this flaw to upload or download arbitrary files, perform privileged actions that...
Workbench: Insufficient authorization constraints
It was discovered that the default authorization constrains applied on servelets deployed in the KIE Workbench application were insufficient. A remote, authenticated user without sufficient privileges could use this flaw to upload or download arbitrary files, perform privileged actions that...
Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.3 security update
Red Hat JBoss BRMS 6.0.3 roll up patch 2, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
Oracle E-Business Multiple Vulnerabilities (January 2015 CPU)
The version of Oracle E-Business installed on the remote host is missing the January 2015 Oracle Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - Oracle Application Object Library - Oracle Applications DBA - Oracle Applications DBA - Oracle...
Unspecified Vulnerability in Oracle E-Business Suite Oracle HCM Configuration Workbench Component
Oracle E-Business Suite is a new generation of e-business suite from Oracle. A security vulnerability exists in the Oracle E-Business Suite Oracle HCM Configuration Workbench component that could be exploited by remote attackers to compromise system confidentiality...
CVE-2014-6582
Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...
Information disclosure
Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...
CVE-2014-6582
Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation...
CVE-2014-6582
Technical details about CVE-2014-6582 are not publicly provided in the supplied documents. Monitor Oracle CPU advisories and related feeds for updates on affected products and remediation.
Rockwell Automation Connected Components Workbench RA.ViewElements.Grid.1 Arbitrary Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Rockwell Automation Connected Components Workbench RA.ViewElements.Row.1 Arbitrary Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
CVE-2014-8665
The SAP Business Intelligence Development Workbench allows remote attackers to obtain sensitive information by reading unspecified files...
Cross site scripting
Cross-site scripting XSS vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-8667
Cross-site scripting XSS vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-8665
Technical details for CVE-2014-8665 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2014-8667
Technical details (affected product versions, root cause, exploit vectors) are not publicly available in the provided documents. Monitor for updates from the listed sources.
CVE-2014-8313
Eval injection in ide/core/base/server/net.xsjs in the Developer Workbench in SAP HANA allows remote attackers to execute arbitrary XSJX code via unspecified vectors...
CVE-2014-8313
The CVE-2014-8313 entry describes an evaluation (XSJX eval) injection flaw in SAP HANA’s Developer Workbench, specifically in ide/core/base/server/net.xsjs, enabling remote code execution through unspecified vectors. The vulnerability affects the Developer Workbench component of SAP HANA and is t...
OracleAS TopLink Mapping Workbench Weak Encryption Algorithm Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9515/info OracleAS TopLink Mapping Workbench is a tool included with OracleAS TopLink, a Java-based database integration development framework that is included as a component of various Oracle Application Server releases...