Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: SQL Injection, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated users to perform a local privilege...

PhpSpreadsheet 1.5.0 - XML External Entity (XXE)

PhpSpreadsheet 1.5.0 - XML External Entity XXE Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One vulnerability...

PhpSpreadsheet < 1.5.0 - XML External Entity (XXE)

Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One vulnerability was identified within the PhpSpreadsheet...

Design/Logic Flaw

Vulnerability in the Hyperion Essbase Administration Services component of Oracle Hyperion subcomponent: EAS Console. The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Hyperion Essbase...

Security Bulletin: IBM Spectrum Scale, with the Spectrum Scale GUI installed, is affected by a security vulnerability (CVE-2016-0361)

Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2.0.0 thru V4.2.0.1, with the Spectrum Scale GUI installed, that could allow a remote unprivileged user to obtain sensitive information including ADMIN passwords used to access other components of...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM® Development Package for Apache Spark

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8.0 that is used by IBM Development Package for Apache Spark. These issues are disclosed as part of the IBM Java SDK updates in April 2017. IBM Development Package for Apache Spark is providing an IBM Java SD...

CVE-2018-2794

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java...

CVE-2017-3511

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to th...