Lucene search
K

65 matches found

BDU FSTEC
BDU FSTEC
added 2019/02/05 12:0 a.m.5 views

The vulnerability of the Security component (SQL Logger) of the Oracle Retail Merchandising System allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Security component SQL Logger of the Oracle Retail Merchandising System is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protoc...

6.5CVSS6.8AI score0.0117EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/10/19 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Hyperion Common Events Component (CNVD-2019-38556)

Oracle Hyperion is the United States Oracle Oracle company's set of financial modeling applications. The software provides financial settlement, report production and other functions. Hyperion Common Events is one of the event processing components. A security vulnerability exists in the User...

6.1CVSS8.6AI score0.01563EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management (CNVD-2018-24259)

Oracle Construction and Engineering Suite is a suite of portfolio management solutions for construction projects from Oracle Corporation.Primavera P6 Enterprise Project Portfolio Management P6 is one of the components for planning, managing and executing projects. Primavera P6 Enterprise Project...

6.1CVSS6.4AI score0.01147EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/03 12:0 a.m.3 views

Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise HCM Human Resources Component (CNVD-2019-38811)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise HCM Human Resources is one of the human resource management components...

6.1CVSS6.5AI score0.01542EPSS
Exploits0References1
Vulnerability Lab
Vulnerability Lab
added 2018/07/06 12:0 a.m.201 views

Ebay Inc - CSRF Exploitation PoC of User Data Delete

Document Title: =============== Ebay Inc - CSRF Exploitation PoC of User Data Delete References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2053 Video: https://www.youtube.com/watch?v=KUenuqImsBs Release Date: ============= 2018-07-06 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2018/07/05 12:0 a.m.36 views

Ebay Inc - CSRF Exploitation PoC of User Data Delete

Document Title: =============== Ebay Inc - CSRF Exploitation PoC of User Data Delete References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2053 Video: https://www.youtube.com/watch?v=KUenuqImsBs Release Date: ============= 2018-07-05 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/09 12:0 a.m.21 views

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

Exploit Title: Plugin Buddypress Xprofile Custom Fields Type 2.6.3 RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/ Software Link: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/...

7AI score
Exploits0
OSV
OSV
added 2018/04/08 2:29 a.m.3 views

CVE-2018-9850

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete any file via directory traversal sequences in the id parameter of an Admin-Data-del request...

7.5CVSS5.8AI score0.01892EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/08 12:0 a.m.2 views

Gxlcms QY Arbitrary File Deletion Vulnerability

Gxlcms QY is an enterprise website creation system. A security vulnerability exists in the Lib\Lib\Action\Admin\DataAction.class.php file in Gxlcms QY version 1.0.0713. A remote attacker can exploit this vulnerability by deleting arbitrary files with the 'id' parameter in the Admin-Data-del reque...

7.5CVSS7.1AI score0.01892EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/19 12:0 a.m.2 views

Unspecified vulnerability in Oracle Financial Services Price Creation and Discovery component (CNVD-2018-01514)

Oracle Financial Services Applications is Oracle's suite of core banking, online banking, and property management financial services software. Oracle Financial Services Price Creation and Discovery is one of the financial services price creation and discovery component. A security vulnerability...

6.1CVSS6.7AI score0.01098EPSS
Exploits0References1
OSV
OSV
added 2017/10/19 5:29 p.m.5 views

CVE-2017-10054

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications subcomponent: MMS. The supported version that is affected is 7.30.564.0. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle...

5.1CVSS5.8AI score0.00399EPSS
Exploits0References2
CNVD
CNVD
added 2017/08/10 12:0 a.m.4 views

Oracle PeopleSoft Enterprise PRTL Interaction Hub Unauthorized Operation Vulnerability (CNVD-2017-28378)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, and more.PeopleSoft Enterprise PRTL Interaction Hub is one of the enterprise and Customer Interaction...

6.1CVSS6.5AI score0.0147EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.5 views

Oracle FLEXCUBE Private Banking Remote Vulnerability (CNVD-2017-21029)

Oracle Financial Services Applications is a set of core banking, online banking and property management financial services software from Oracle Corporation, of which Oracle FLEXCUBE Private Banking is a private banking component. A security vulnerability exists in the Miscellaneous subcomponent o...

6.1CVSS6.7AI score0.0147EPSS
Exploits0References1
OSV
OSV
added 2017/08/08 3:29 p.m.3 views

ALPINE-CVE-2017-3653

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protoco...

3.1CVSS4.7AI score0.01903EPSS
Exploits0References1
OSV
OSV
added 2017/08/08 3:29 p.m.6 views

CVE-2017-10200

Vulnerability in the Oracle Hospitality e7 component of Oracle Hospitality Applications subcomponent: Other. The supported version that is affected is 4.2.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality e7 executes to...

4.4CVSS7.3AI score0.00406EPSS
Exploits0References3
NVD
NVD
added 2017/08/08 3:29 p.m.25 views

CVE-2017-10131

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with netwo...

6.5CVSS6AI score0.01026EPSS
Exploits0References3
OSV
OSV
added 2017/08/08 3:29 p.m.3 views

CVE-2017-10003

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Network Services Library. The supported version that is affected is 10. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...

4.5CVSS5.8AI score0.00366EPSS
Exploits11References3
BDU FSTEC
BDU FSTEC
added 2017/06/05 12:0 a.m.18 views

The vulnerability of the Remote Administration Daemon component of the Solaris operating system allows a perpetrator to gain access to read or modify data, thereby causing a partial service disruption.

The vulnerability of the Remote Administration Daemon component of the Solaris operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, add, or delete access to data, and cause partial service interruption...

7.5CVSS7.3AI score0.01702EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/05/15 12:0 a.m.5 views

The vulnerability of the Oracle MySQL database management system allows a hacker to gain access to read data or modify data.

The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, add, or delete data via network packets...

5.5CVSS6.5AI score0.01371EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/04/28 12:0 a.m.4 views

Oracle Marketing Unauthorized Operation Vulnerability (CNVD-2017-06406)

Oracle E-Business Suite E-Business Suite is Oracle's fully integrated suite of global business management software, of which Oracle Marketing is a component for managing marketing-related information and processes. A security vulnerability exists in the User Interface subcomponent of the Oracle...

7.1CVSS6.5AI score0.01299EPSS
Exploits0References1
Rows per page
Query Builder