Cross site scripting

Cross-site scripting XSS vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1036

Cross-site scripting XSS vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1036

Adobe Analytics AppMeasurement for Flash Library is affected by CVE-2016-1036 prior to version 4.0.1. The vulnerability is a DOM-based XSS flaw that can be triggered when debugTracking is enabled, allowing remote attackers to inject arbitrary script/HTML and potentially hijack user sessions or ac...

Unspecified Vulnerability in Oracle Fusion Middleware Business Intelligence Enterprise Edition Component

Oracle Fusion Middleware Oracle Fusion Middleware is the United States Oracle Oracle company's set of business innovation platform for enterprise and cloud environments, Oracle Business Intelligence Enterprise Edition is one of the business intelligence components. An unspecified vulnerability in...

Unspecified Vulnerability in Oracle Fusion Middleware Business Intelligence Enterprise Edition Component (CNVD-2016-02483)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's Oracle business innovation platform for enterprise and cloud environments, of which Oracle Business Intelligence Enterprise Edition is a business intelligence component. An unspecified vulnerability in the Analytics Scorecard...

Adobe Analytics AppMeasurement for Flash Library Patch

Adobe today patched a vulnerability in the Adobe Analytics AppMeasurement for Flash library, which can be added to Flash projects to measure the usage of Flash-based content. The vulnerability is a DOM-based cross-site scripting flaw that can be abused for cookie theft, said researcher Randy...

CVE-2016-0479

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard...

CVE-2016-0479

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard...

CVE-2016-0468

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General...

CVE-2016-0468

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard...

CVE-2016-0479

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard...

CVE-2016-0479

Oracle Fusion Middleware’s Oracle BI components (Oracle BI Publisher and BI EE) are affected by CVE-2016-0479 via the Analytics Scorecard path. Nessus notes that remote, authenticated users could affect confidentiality and integrity in affected installations: 11.1.1.7.x before 11.1.1.7.160119, 11...

CVE-2016-0468

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General...

CVE-2016-0468

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General...

APSB16-13 Security update available for the Adobe Analytics AppMeasurement for Flash Library

Adobe has released a security update for the Adobe Analytics AppMeasurement for Flash library. This update resolves an important vulnerability in the AppMeasurement for Flash library that could be abused to conduct DOM-based cross-site scripting attacks when debugTracking is enabled...

CVE-2016-2002

The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417...

Command injection

The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417...

The vulnerability of the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IQ ADC, BIG-IQ Cloud, and BIG-IQ Device – these tools’ access control and remote authentication mechanisms can be exploited by attackers, leading to service interruptions.

The vulnerability of the virtual server component of the access control and remote authentication solution, BIG-IP Access Policy Manager, as well as software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security...