The vulnerability of the reporting software for Cisco Security Manager extended security environments lies in improper pathname restrictions, which allow attackers to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the reporting software for Cisco Security Manager extended environments is related to incorrect path name restrictions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to modify, add, or delete data...

mysql: InnoDB unspecified vulnerability (CPU Jul 2019)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious actor to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability in the vManage web interface of the Cisco SD-WAN program-defined network is related to errors in restricting XML links to external objects. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and to modify, add, or delete data...

The vulnerability of the Smart View Provider component of the Hyperion Analytic Provider Services software allows a malicious individual to gain unauthorized access to protected information, modify, add, or delete data, or cause service failures.

The vulnerability of the Smart View Provider component of the Hyperion Analytic Provider Services software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information, modify, add,...

The vulnerability of the Libraries component in Java SE and Java SE Embedded software platforms allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Libraries component in Java SE and Java SE Embedded software platforms is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data...

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

The vulnerability of the Oracle Applications Manager component, a tool for application management in the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Oracle Applications Manager component, a tool for application management in the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or to...

OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

CVE-2020-14822

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installe...

CVE-2020-14802

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

UBUNTU-CVE-2020-14853

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: NDBCluster Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...

The vulnerability of the Commerce Service Center component in the Oracle Commerce Service Center module for managing customer interactions in the Oracle Commerce e-commerce platform allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Commerce Service Center component in the Oracle Commerce Service Center platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to remotely access and modify, add, or delete data, or unauthorized access to...

mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.017 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

The vulnerability of the Web Access component of the Oracle Primavera Portfolio Management software lies in insufficient validation of input data. This allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or...

The vulnerability of the Composer component of the Oracle WebCenter Portal, which allows a hacker to gain access to modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Composer component of the Oracle WebCenter Portal is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or delete data, or to cause service interruptions using the HTTP protocol...

The vulnerability in the 2D software platform components of Oracle Java SE and Java SE Embedded allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the 2D software platform components of Oracle Java SE and Java SE Embeddeds is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to the ability to modify, add, or delete data...