118 matches found
CVE-2025-43790
Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.6, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote authenticated users to from one virtual instance to access, create, edit, relate...
Linux Distros Unpatched Vulnerability : CVE-2021-45111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of...
Vulnerability of the Server component: The MySQL Server database management system’s Optimizer component allows a hacker to gain unauthorized access for creating, deleting, and modifying data.
The vulnerability of the MySQL Server component, which is part of the database management system, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, and modify data...
SUSE CVE-2025-38303
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...
CVE-2024-5459
The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...
ROS-20241203-08
Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the ability to download larger-than-expected websites to find Open-Graph data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information A...
The vulnerability of the Auctions component of the Oracle Sourcing supply management platform, a part of the Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to create, modify, and delete data.
The vulnerability of the Auctions component of the Oracle Sourcing supply management platform, part of the Oracle E-Business Suite, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Field Service versions 12.2.3...
Oracle Applications Manager 安全漏洞
Oracle Applications Manager is an application management software from Oracle Corporation USA. The software provides monitoring, trending, and fault management for Oracle data files. A security vulnerability exists in Oracle Applications Manager versions 12.2.11 through 12.2.13. An attacker could...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business Suite...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle MES for Process Manufacturing...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Site Hub versions 12.2.3 throu...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Cost Management versions 12.2.1...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Process Manufacturing Product...
CVE-2024-5459
The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...
CVE-2024-5459 Restaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu Creation
The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...
CVE-2024-5459
CVE-2024-5459 affects the Restaurant Menu and Food Ordering plugin for WordPress. All versions up to 2.4.16 are vulnerable due to missing capability checks on add_section, add_menu, add_menu_item, and add_menu_page, enabling authenticated users with Subscriber-level access and above to create men...
Restaurant Menu and Food Ordering < 2.4.17 - Missing Authorization to Menu Creation
Description The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for...
CVE-2024-21092
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
Oracle Audit Vault and Database Firewall Security Vulnerabilities
Oracle Audit Vault and Database Firewall is a database security solution from Oracle Corporation. A security vulnerability exists in Oracle Audit Vault and Database Firewall versions 20.1 through 20.9. An attacker could exploit the vulnerability to perform unauthorized creation, deletion, or...