Lucene search
K

118 matches found

CNNVD
CNNVD
added 2024/01/16 12:0 a.m.5 views

Security Vulnerabilities in Selected Oracle Products

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

7.4CVSS7.9AI score0.00918EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.5 views

PT-2023-9574 · Oracle · Oracle E-Business Suite +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.5 through 12.2.13 Description: The issue is related to weaknesses in the authorization mechanism of the Authoring component in Oracle Service Contracts, part of the Oracle E-Business Suite system. This ca...

8.5CVSS8.2AI score0.00435EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2023/10/04 2:15 p.m.3 views

CVE-2023-1832

An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant...

8.1CVSS5.9AI score0.00485EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.6 views

PT-2023-17268 · Candlepin · Candlepin

Name of the Vulnerable Software and Affected Versions: Candlepin affected versions not specified Description: An improper access control flaw was found in Candlepin, allowing an attacker to create data scoped under another customer or tenant. This can result in loss of confidentiality and...

8.1CVSS7.8AI score0.00485EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2023/04/25 6:33 p.m.17 views

CVE-2021-45111

Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials...

8.1CVSS6.9AI score0.00844EPSS
Exploits0
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Mobile Fiel...

7.5CVSS7.8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

7.5CVSS7.8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.2 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

7.5CVSS7.8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.2 views

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by an attacker to cause unauthorized creation, deletion, or modification access to critical data or all MySQL Server-accessible data, as well as cau...

5.9CVSS6.1AI score0.01471EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

7.5CVSS7.8AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Application...

7.5CVSS8.2AI score0.00627EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

7.5CVSS7.8AI score0.00545EPSS
Exploits0References2
OSV
OSV
added 2022/11/21 8:39 p.m.4 views

GHSA-JQ6X-99HJ-Q636 Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

Impact If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error: python np.ones0, 231, 231 An example of a proof of concept: python import numpy as np import tensorflow as tf inputval =...

4.8CVSS7AI score0.0033EPSS
Exploits1References4
OSV
OSV
added 2022/11/14 7:59 p.m.14 views

GSD-2022-1007666 ext4: avoid crash when inline data creation follows DIO write

ext4: avoid crash when inline data creation follows DIO write This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/11/14 7:53 p.m.11 views

GSD-2022-1007606 ext4: avoid crash when inline data creation follows DIO write

ext4: avoid crash when inline data creation follows DIO write This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.6 views

PT-2022-35562 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to the ext4 file system, where a crash can occur when inline data creation follows a DIO write. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.5 views

Oracle Siebel CRM 安全漏洞

Oracle Siebel CRM is a set of customer relationship management solutions from Oracle Oracle. The solution includes modules for sales management, marketing management, customer service system, and call center. A security vulnerability exists in Siebel Core - DB Deployment and Configuration for...

7.5CVSS7.6AI score0.00638EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking, and property management. An input validation error vulnerability exists in Oracle Banking Trade Finance component: Infrastructure version 14.5, whic...

6.4CVSS7.2AI score0.00555EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Oracle MySQL 输入验证错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and an input validation error vulnerability exists in Oracle MySQL 8.0.28 and earlier versions, which originates in the PAM Auth component of MySQL...

4.9CVSS5.2AI score0.00866EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.7 views

The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature allows a malicious actor to gain unauthorized access to create, modify, or delete data.

The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create, modify, o...

8.5CVSS7.6AI score0.01028EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder