22 matches found
CVE-2023-22101
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
CVE-2022-21255
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...
CVE-2024-21252
Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache ZooKeeper
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Apache ZooKeeper. Vulnerability Details CVEID: CVE-2023-44981 DESCRIPTION: Apache ZooKeeper could allow a remote attacker to bypass security restrictions, caused by a flaw when SASL Quorum Peer...
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to remote code execution due to IBM Java (CVE-2022-40609)
Summary IBM Sterling Connect:Direct Web Services uses IBM® Runtime Environment Java™ Versions which has a remote code execution vulnerability. IBM Sterling Connect:Direct Web Services has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technolog...
Security Bulletin: Vulnerability in IBM JDK (CVE-2022-40609 ) affects Power HMC
Summary IBM SDK, Java Technology is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the...
CVE-2021-35543
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft component: Activity Guide Composer. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
openSUSE 15 Security Update : virtualbox (openSUSE-SU-2021:0977-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0977-1 advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Pri...
CVE-2021-2406
Vulnerability in the Oracle Collaborative Planning product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Collaborative...
CVE-2021-2295
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite component: BI Publisher Integration. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2021-2267
Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Labor Distribution...
Design/Logic Flaw
Vulnerability in the Oracle Compensation Workbench product of Oracle E-Business Suite component: Compensation Workbench. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Endeca. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Purchasing. Successful attacks of this...
CVE-2021-2276
Vulnerability in the Oracle iSetup product of Oracle E-Business Suite component: General Ledger Update Transform, Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Security Bulletin: API Connect is impacted by a vulnerability in PHP (CVE-2019-11043)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11043 DESCRIPTION: In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocat...
CVE-2019-2934
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP ...
CVE-2019-2934
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP ...
CVE-2018-3128
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with network access via HTTP to compromise...
CVE-2018-3050
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2018-3050
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...