Lucene search
+L

155 matches found

CNVD
CNVD
added 2015/05/07 12:0 a.m.6 views

Oracle Data Quality LoaderWizard SetEntities Type Obfuscation Remote Code Execution Vulnerability

Oracle Data Quality is the United States Oracle Oracle company's set of software provides a comprehensive data quality management environment. The software supports data management, data integration and data migration. A remote code execution vulnerability exists in Oracle Data Quality's...

6.8CVSS8.3AI score0.0189EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/03/30 12:0 a.m.20 views

Oracle Data Quality LoaderWizard DataPreview Type Confusion (CVE-2015-0446)

A remote code execution vulnerability has been reported in Oracle Data Quality LoaderWizard DataPreview method contained in the TSS12.LoaderWizard.lwctrl ActiveX control. The vulnerability is due to type confusion when handling data passed to it. A remote attacker can exploit this vulnerability b...

6.8CVSS7.3AI score0.0189EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2015/03/13 12:0 a.m.22 views

(0Day) Oracle Data Quality LoaderWizard DataPreview Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.4AI score0.0189EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2015/03/13 12:0 a.m.30 views

(0Day) Oracle Data Quality LoaderWizard SetEntities Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.0189EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2015/03/13 12:0 a.m.30 views

(0Day) Oracle Data Quality DscXB onloadstatechange Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.0189EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2015/03/13 12:0 a.m.22 views

(0Day) Oracle Data Quality LoaderWizard Module Unloading Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.01906EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/30 12:0 a.m.14 views

Oracle Enterprise Data Quality Director Detection

Binary data oracleedqdirectordetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/30 12:0 a.m.15 views

Oracle Enterprise Data Quality Dashboard Detection

Binary data oracleedqdashboarddetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/30 12:0 a.m.38 views

Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU)

The version of Oracle Enterprise Data Quality running on the remote host is affected by multiple vulnerabilities : - A flaw in Apache Commons BeanUtils allows a remote attacker to execute arbitrary code by manipulating the ClassLoader. CVE-2014-0114 - A flaw in Apache Tomcat allows a remote...

7.5CVSS7.2AI score0.96121EPSS
Exploits4References3
Prion
Prion
added 2014/07/26 11:11 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for adding a project connection...

4.3CVSS5.9AI score0.01161EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/07/26 10:0 a.m.49 views

CVE-2014-3071

The CVE-2014-3071 vulnerability affects IBM InfoSphere Data Quality Console (11.3). The issue is a cross-site scripting (XSS) flaw that can be triggered when adding a new project connection, allowing an attacker to craft a link that could be used by an authenticated user to execute arbitrary scri...

4.3CVSS5.7AI score0.01161EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/07/26 10:0 a.m.21 views

CVE-2014-3071

Cross-site scripting XSS vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for adding a project connection...

5.5AI score0.01161EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2014/07/14 12:0 a.m.29 views

Oracle Data Quality PostcardPreviewInt onclose Untrusted Pointer Dereference (CVE-2014-2415)

A remote code execution vulnerability exists in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.TransformerTools.PostcardPreviewInt ActiveX control. A remote attacker can exploit this vulnerability by...

5CVSS7.2AI score0.01343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/07/13 12:0 a.m.24 views

Oracle Data Quality FileChooserDlg onChangeDirectory Untrusted Pointer Dereference (CVE-2014-2418)

A remote code execution vulnerability exists in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscTools.FileChooserDlg ActiveX control. A remote attacker can exploit this vulnerability by enticing a user ...

3.8AI score0.01343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/06/25 12:0 a.m.22 views

Oracle Data Quality DateTimeWrapper onchange Remote Code Execution (CVE-2014-2416)

A remote code execution vulnerability has been reported in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscForms.DateTimeWrapper ActiveX control. A remote attacker can exploit this vulnerability by...

7.2AI score0.01343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/06/18 12:0 a.m.24 views

Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference (CVE-2014-2417)

A remote code execution vulnerability exists in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscXB.XB ActiveX control. A remote attacker can exploit this vulnerability by enticing a user to open a...

5CVSS7.2AI score0.01343EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/02 12:0 a.m.13 views

Oracle Data Quality and Profiling Client Detection

Binary data oracledataqualityandprofilingclientinstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/05/02 12:0 a.m.14 views

Oracle Data Quality and Profiling Client Multiple Vulnerabilities (April 2014 CPU)

According to the version of the Oracle Data Quality and Profiling client installed on the remote host, it is affected by multiple unspecified ActiveX control vulnerabilities. By tricking a user into opening a specially crafted document, an attacker may be able to execute arbitrary code...

5CVSS5.8AI score0.01343EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2014/04/21 12:0 a.m.28 views

Oracle Data Quality DscXB onloadstatechange Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.3AI score0.01343EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2014/04/21 12:0 a.m.23 views

Oracle Data Quality FileChooserDlg onChangeDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.3AI score0.01343EPSS
Exploits0References1
Rows per page
Query Builder