Lucene search
K

498 matches found

CNVD
CNVD
added 2016/01/23 12:0 a.m.7 views

Unspecified Vulnerability in Oracle E-Business Suite Application Mgmt Pack for E-Business Suite REST Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Application Mgmt Pack for E-Business Suite REST component, which allows remote attackers to exploit the vulnerability by submitting special...

5CVSS6.8AI score0.02411EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.4 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle Customer Interaction History User GUI Component (CNVD-2016-00617)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Customer Interaction History User GUI component of Oracle E-Business Suite, which allows remote attackers to exploit the vulnerability by submitting special...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.5 views

Unspecified vulnerability in Oracle E-Business Suite Oracle Human Resources General utilities component (CNVD-2016-00620)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Human Resources General utilities component, which allows remote attackers to exploit the vulnerability to submit special requests to...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.3 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle E-Business Intelligence Definition Component (CNVD-2016-00642)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle E-Business Intelligence Definition component, which allows remote attackers to exploit the vulnerability to submit special requests to...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.6 views

Oracle Database XDB - Unspecified Vulnerability in XML Database Component

Oracle Database is a large database of commercial nature. An unspecified security vulnerability exists in the Oracle Database XDB - XML Database component that could be exploited by remote attackers to modify data, access data, and conduct denial-of-service attacks...

5.5CVSS9AI score0.01665EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/23 12:0 a.m.2 views

Unspecified Vulnerability in Oracle E-Business Suite Oracle Marketing Architecture Component

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle E-Business Suite Oracle Marketing Architecture component, which allows remote attackers to exploit the vulnerability by submitting a special request to access an...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/11 12:0 a.m.5 views

Microsoft Windows Graphics Memory Corruption Vulnerability (CNVD-2015-08115)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory corruption vulnerability exists in the Windows font library of Microsoft Windows. The vulnerability exists because the program does not properly handle specially designed embedded fonts. A remo...

9.3CVSS6.9AI score0.18247EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/08 12:0 a.m.2 views

WordPress SQL Injection Vulnerability (CNVD-2015-05160)

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. WordPress has an unspecified SQL injection vulnerability that allows remote attackers to submit specially crafted SQL queries to manipulate or obtain database dat...

7.5CVSS6.7AI score0.10986EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/31 12:0 a.m.5 views

IBM SDK Java Security Components Local Information Disclosure Vulnerability

The IBM SDK is an integrated toolkit for creating, discovering, invoking, and testing Web services. The IBM SDK stores plaintext data into memory, allowing a local attacker to exploit vulnerabilities to gain access to sensitive information...

5.5CVSS7.3AI score0.00222EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/11 12:0 a.m.4 views

AlienVault OSSIM Plugin ID SQL Injection Vulnerability

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles NBE Plugin DI with a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information

The drbd-kmp-iseries64 package of the SUSE Linux Enterprise operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

7.8CVSS5.5AI score0.05035EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.10 views

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the Debian GNU/Linux operating system’s kernel-headers-2.4.27-4-smp package can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

7.8CVSS7.2AI score0.05605EPSS
Exploits9References41Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gnome-vfs2 package in the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS5.4AI score0.04621EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2015/04/09 12:0 a.m.5 views

Apple iOS Browsing History Cannot Be Deleted Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS clear safari history fails to properly clear the saved HTTP Strict Transport Security status, which can be exploited by remote attackers to obtain sensitive information...

5CVSS6.5AI score0.01485EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/03 12:0 a.m.3 views

Cisco CUCDM Information Disclosure Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. An information disclosure vulnerability exists in Cisco CUCDM. A remote, authenticated attacker could be allowed to exploit this vulnerability to access sensitive information...

4CVSS6.1AI score0.01327EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.3 views

PreProjects E-Smart Cart SQL Injection Vulnerability

PreProjects E-Smart Cart is an integrated shopping portal, search engine and email-based forum solution from PreProjects Australia. An SQL injection vulnerability exists in the embadmin/login.asp script in PreProjects E-Smart Cart, which arises from the program failing to adequately filter...

8AI score
Exploits0References1
CNVD
CNVD
added 2015/01/22 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Siebel Oracle Enterprise Asset Management Component

Oracle Siebel is a customer relationship management software. A security vulnerability exists in the Oracle Siebel Oracle Enterprise Asset Management component Siebel Core - Unix/Windows subcomponent that could be exploited by remote attackers to compromise system confidentiality...

4.3CVSS6.9AI score0.01248EPSS
Exploits0References1
Patchstack
Patchstack
added 2014/12/03 12:0 a.m.9 views

WordPress CodeArt Google MP3 Player Plugin - File Disclosure Download

Because of this file disclosure download vulnerability, the user can download config.php and extract access data DB Data. Solution Upgrade the plugin...

2AI score
Exploits0References1Affected Software1
OSV
OSV
added 2014/11/11 7:22 p.m.3 views

USN-2406-1 keystone vulnerability

Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with privileged access for creating endpoints could exploit this to obtain sensitive information...

4CVSS5.8AI score0.02109EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

SpitFire Photo Pro 'pages.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32012/info SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

7.1AI score
Exploits0
Rows per page
Query Builder