453 matches found
CVE-2020-14532
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.1, 11.2 and prior to 11.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
The vulnerability of the Application Framework component of the Cisco Iox software platform allows a perpetrator to re-write any files they desire.
The vulnerability of the Application Framework component of the Cisco Iox software platform is related to errors in processing symbolic links. Exploiting this vulnerability could allow an attacker to re-write any files at will...
[SECURITY] Fedora 31 Update: php-horde-horde-5.2.23-1.fc31
The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of...
Fedora: Security Advisory for php-horde-horde (FEDORA-2020-01d7b8b690)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 32 Update: php-horde-horde-5.2.23-1.fc32
The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of...
The vulnerability of the Application Framework component of the Cisco IOx software platform allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Application Framework component of the Cisco Iox software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data in the virtual environment...
Cisco IOx Application Framework Input Validation Error Vulnerability
Cisco Iox is the U.S. Cisco Cisco a combination of Cisco IOS and Linux OS for secure network connectivity and the development of IOT applications for secure development environment. An input validation error vulnerability exists in Cisco IOx Application Framework versions prior to 1.9.0, which...
Cisco IOx Application Framework Backlink Vulnerability
Cisco Iox is the U.S. Cisco Cisco a combination of Cisco IOS and Linux OS for secure network connectivity and the development of IOT applications for secure development environment. A backlink vulnerability exists in Cisco IOx Application Framework versions prior to 1.9.0, which arises from a...
CVE-2020-3237
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...
CVE-2020-3238
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
CVE-2020-3233
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...
CVE-2020-3233
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...
Design/Logic Flaw
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...
Input validation
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
CVE-2020-3238 Cisco IOx Application Framework Arbitrary File Creation Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
CVE-2020-3238 Cisco IOx Application Framework Arbitrary File Creation Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient input...
CVE-2020-3237
The CVE-2020-3237 issue affects Cisco IOx Application Framework within the Cisco IOx application environment. It stems from insufficient path restriction enforcement, enabling an authenticated, local attacker to overwrite arbitrary files in the running virtual instance by including a crafted file...
CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...
CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability
A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...
CVE-2020-3233 Cisco IOx Application Framework Local Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based Local Manager interface of the Cisco IOx Application Framework could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based Local Manager interface of an affected device. The attacker must have...