A vulnerability in the build_audio_procunit function of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the build_audio_procunit function of the Linux kernel stems from the possibility of reading memory beyond the allocated buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected...
A vulnerability in the IPv4 protocol implementation of real-time operating systems such as Wind River VxWorks allows attackers to compromise the integrity and availability of protected information.
The vulnerability in the IPv4 protocol implementation of the Wind River VxWorks real-time operating systems is related to insufficient access control mechanisms, such as ipdhcpc and DHCP. Exploiting this vulnerability could allow attackers to compromise the integrity and availability of protected...
WHO COVID-19 Mobile App: Improper Input Validation on User's Location on PUT /WhoService/putLocation Could Affect Availability/Falsify Users
Summary: Note: I noticed that the team has fixed issues like an XSS that's caused only from a header value typically OOS since it's not directly exploitable https://github.com/WorldHealthOrganization/app/pull/855, so in the spirit of this I'm also reporting another "good-to-fix" issue. On th...
CVE-2018-14705
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
Authorization
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
Unspecified Vulnerability in Oracle MySQL Client (CNVD-2020-17121)
Oracle MySQL is an open source relational database management system from Oracle. An unspecified vulnerability exists in Oracle MySQL Client. An attacker could exploit this vulnerability to cause a denial of service (hangs or frequent crashes), affecting data availability...
Unspecified Vulnerability in Oracle MySQL Client
Oracle MySQL is an open source relational database management system from Oracle. An unspecified vulnerability exists in Oracle MySQL Client. An attacker could exploit this vulnerability to cause a denial of service (hangs or frequent crashes), affecting data availability...
PT-2020-2776 · Openjpeg +6
Name of the Vulnerable Software and Affected Versions: OpenJPEG versions 2.3.1 through 2020-01-28. Description: The issue is related to a heap-based buffer overflow in the opj_t1_clbl_decode_processor function of the OpenJPEG library, specifically in the openjp2/t1.c file when qmfbid==1. This can ...
A vulnerability in the transaction management function of the SAP Treasury and Risk Management software allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability in the transaction management function of SAP Treasury and Risk Management involves deficiencies in the authorization mechanism. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and availability of the protected informati...
Oracle VM VirtualBox Denial of Service Vulnerability (CNVD-2020-04038)
Oracle VM VirtualBox is a cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.36, 6.0.16. An attacker could exploit this vulnerability to cause a denial of service (hangs or frequent crashes),...
Unspecified Vulnerability in Oracle GraalVM Enterprise Edition (CNVD-2020-09692)
Oracle GraalVM is a just-in-time compiler written in the Java language, from the US company Oracle. The product supports a variety of programming languages and execution modes. GraalVM Enterprise Edition is the enterprise version of GraalVM. An unspecified vulnerability exists in...
Unspecified Vulnerability in Oracle Database Server (CNVD-2020-04350)
Oracle Database Server is a relational database management system from Oracle. The database management system provides data management, distributed processing and other functions. Core RDBMS is one of the relational database core components. An unspecified vulnerability exists in Oracl...
Unspecified Vulnerability in Oracle Database Server (CNVD-2020-04348)
Oracle Database Server is an object-relational database management system that provides an open, comprehensive, and integrated approach to information management. An unspecified vulnerability exists in Oracle Database Server. An attacker could exploit this vulnerability to unauthorized update,...
Unspecified Vulnerability in Oracle Enterprise Manager Base Platform (CNVD-2020-04371)
Oracle Enterprise Manager Base Platform is a complete installer that includes OMS, agents, repositories, and management plug-ins. An unspecified vulnerability exists in Oracle Enterprise Manager Base Platform. An attacker could exploit this vulnerability to gain unauthorized access to, update,...
Unspecified Vulnerability in Oracle Enterprise Manager Base Platform (CNVD-2020-03236)
Oracle Enterprise Manager Base Platform is a complete installer that includes OMS, agents, repositories, and management plug-ins. An unspecified vulnerability exists in Oracle Enterprise Manager Base Platform. An attacker could exploit this vulnerability to gain unauthorized access to, update,...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-36403)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An unspecified vulnerability exists in Oracle MySQL Server. An attacker can exploit this vulnerability to cause a denial of service hang or frequent...
Unspecified Vulnerability in Oracle E-Business Suite Application Object Library
Oracle E-Business Suite is a set of fully integrated global business management software from the US company Oracle. The software provides customer relationship management, service management, financial management and other functions. Application Object Library (AOL),...
Unspecified Vulnerability in Oracle Fusion Middleware Outside In Technology (CNVD-2019-37234)
Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. An...
Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37222)
Java SE is short for Java Platform Standard Edition, used to develop and deploy Java applications for desktops, servers, embedded devices, and real-time environments. Java SE Embedded is based on Java SE, and provides specific features and support for embedded systems. An unspecified...
Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37212)
Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation. Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE Embedded is a Java platform that targets Java...