61 matches found
ROS-20260505-73-0062
A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...
EUVD-2024-18637
Malicious code in bioql PyPI...
MAL-2025-4940 Malicious code in puppeteer-proxy-http (npm)
Source: ghsa-malware f40925e51ac8a3b8f89bbd8ab3a8f34b05e948007dc3b79a88a115191fbee417 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-46828
WeGIA is affected by an unauthenticated SQL Injection in the endpoint /html/socio/sistema/get_socios.php, due to unsafely handled input in a query parameter. Versions up to and including 3.3.0 are vulnerable; version 3.3.1 contains the fix. Exploitation could allow an attacker to exfiltrate data,...
Oracle Business Intelligence Publisher 6.4 / 7.0 (OAS) (October 2024 CPU)
The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by a vulnerability as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Layout Templates. Supported versions that are...
MAL-2024-440 Malicious code in wlwz-2312-3000 (npm)
Source: ghsa-malware 0fcf14fd0d80ab5b58044ad2d8faf523f93ab0d0d6500b6a0804284024d9686b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
BSA-2022-1690
Security Advisory ID : BSA-2022-1690 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Keytool. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise...
Design/Logic Flaw
Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to compromise Oracle Essbase. Successful attacks...
CVE-2022-21460
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2021-2368
Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Siebel Core - Server Infrastructure. Supported versions that are affected are 21.5 and Prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Siebel CRM. Successf...
CVE-2021-2252
Vulnerability in the Oracle Loans product of Oracle E-Business Suite component: Loan Details, Loan Accounting Events. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Loans...
Design/Logic Flaw
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HT...
CVE-2021-2277
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
CVE-2021-2266
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2020-24841
PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...
Design/Logic Flaw
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2021-2119
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2020-14860
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2020-14770
Vulnerability in the Hyperion BI+ product of Oracle Hyperion component: IQR-Foundation service. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Hyperion BI+. Successful...
CVE-2020-14827
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromis...