PT-2021-22017 · Apache · Apache Couchdb

Name of the Vulnerable Software and Affected Versions: Apache CouchDB versions prior to 3.1.2 Description: A malicious user with permission to create documents in a database can attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, any JavaScript code...

mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

AZL-6697 CVE-2021-2356 affecting package mysql for versions less than 8.0.28-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

The vulnerability of the View Reports component in the Oracle Applications Manager management tool allows a hacker to gain access to create, modify, or delete data.

The vulnerability of the View Reports component in the Oracle Applications Manager management tool is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain access to the ability to create, modify, or delete data using the HTTP protocol...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to modify, add, or delete data.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to modify, add, or delete data...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to modify, add, or delete data.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to modify, add, or delete data...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a hacker to gain access to modify, add, or delete data, or to gain full control over the application.

The vulnerability of Oracle Marketing’s Marketing Administration component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to gain full control over the application using the HTTP protocol...

CVE-2021-2140

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Rules Framework. Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...

Oracle E-Business Suite Oracle Customers Online 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite. Oracle Customers...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite.Oracle Universal...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is a seamless integration of a management suite. oracle iStore i...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite.Oracle Landed Cos...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is a seamless integration of a management suite. Oracle Advanced...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is a seamless integration of a management suite. oracle iSetup i...

Oracle Solaris 安全漏洞

Oracle Solaris is a UNIX operating system from Oracle. Oracle Solaris Kernel 11 contains a security vulnerability that can be exploited by an attacker to compromise Oracle Solaris by logging on to the infrastructure that executes Oracle Solaris. resulting in the unauthorized ability to cause Orac...

The vulnerability of the User Responsibilities component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Responsibilities component in the Oracle iSupport web application exists due to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or...

The vulnerability of the Administration component of the Oracle BI Publisher software allows a malicious individual to gain unauthorized access to protected information. This access includes reading, modifying, adding, or deleting data, as well as causing service failures.

The vulnerability of the Administration component of the Oracle BI Publisher software for creating reports is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information, to read, modify, add, or delete data...

The vulnerability of the Oracle Application Express Opportunity Tracker application, related to deficiencies in access control, allows an attacker to gain access to modify, add, or delete data.

The vulnerability of the Oracle Application Express Opportunity Tracker sales management application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or delete data using the HTTP protocol...

CVE-2021-2027

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

CVE-2021-2023

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Bas...