CVE-2025-34332 AudioCodes Fax/IVR Appliance <= 2.6.23 Insecure Service Control Scripts LPE

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts located under C:\F2MAdmin\F2E\AudioCodesfiles\utils\Services. When certain service actions are...

EUVD-2012-1315

Malware in sbrugna...

EUVD-2020-14276

Malware in sbrugna...

EUVD-2017-11117

Malware in sbrugna...

CVE-2021-2049

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Administration. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

Siemens 多款产品 安全漏洞

SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. Siemens SIMATIC RTLS Locating Manager suffers from an incorrect assignment of critical resource privileges vulnerability, which...

CVE-2017-20111

A vulnerability, which was classified as critical, was found in Teleopti WFM 7.1.0. This affects an unknown part of the component Administration. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a perpetrator to modify data or gain unauthorized access to the device.

The vulnerability of Oracle Marketing’s Marketing Administration component exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to modify data or gain unauthorized access to the device through HTTP requests...

The vulnerability of the Administration component of the Oracle BI Publisher software allows a malicious individual to gain unauthorized access to protected information. This access includes reading, modifying, adding, or deleting data, as well as causing service failures.

The vulnerability of the Administration component of the Oracle BI Publisher software for creating reports is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information, to read, modify, add, or delete data...

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2021-04816)

Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. An unspecified vulnerability exists in the Administration component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...

Oracle E-Business Suite Marketing Encyclopedia System Unauthorized Operation Vulnerability

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing Encyclopedia System is...

CVE-2019-2485

Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite subcomponent: Administration. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2019-28440)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions.Mobile Field Service is one of th...

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38557)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

CVE-2018-12465

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

CVE-2017-3239

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server...

CVE-2016-1357

The password-management administration component in Cisco Policy Suite CPS 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211...

Unspecified Vulnerability in Oracle E-Business Suite Oracle Universal Work Queue Work Provider Administration Component (CNVD-2016-00600)

Oracle E-Business Suite is a new generation of e-business suite from Oracle. An unspecified security vulnerability exists in the Oracle Universal Work Queue Work Provider Administration component of Oracle E-Business Suite, which allows remote attackers to exploit the vulnerability to submit...

Oracle OpenSSO Administration Component Data Manipulation Vulnerability

Oracle OpenSSO is prone to data manipulation vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:opensso";...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Call Detail Records Analysis and Reporting CAR interface in the OS Administration component in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to hijack the authentication of administrators for requests...