PT-2026-37831

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

Astra Linux - Vulnerability in Golang-1.19

A malicious HTTP sender can use chunk extensions to cause the recipient reading from the request or response body to read much more bytes from the network than actually exist in the body. A malicious HTTP client can further exploit this to cause the server to automatically read a large amount of...

Oracle Health Sciences Applications security vulnerabilities

Oracle Health Sciences Applications is a clinical research and development solution developed by Oracle Corporation for the healthcare industry in the United States. The version 7.0.1.0 of Oracle Life Sciences Central Coding in Oracle Health Sciences Applications contains a security vulnerability...

Oracle Hospitality Applications security vulnerabilities

Oracle Hospitality Applications is a set of business applications, servers, and storage solutions for hotel management developed by Oracle Corporation in the United States. This product offers features such as human resources cost management and tracking of services provided throughout customers’...

mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can resul...

Oracle Financial Services Applications 安全漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle Corporation USA. The product includes core banking, online banking, and estate management. A security vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure versions...

mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can resul...

Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL version 9.1.0 and prior versions. An attacker can use this vulnerability to create, delete, or modify...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing data to be read from devqueuexmitnit and packetgetsockopt via ignoreoutgoing...

PT-2024-4891 · Oracle · Oracle Complex Maintenance

Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the LOV component of Oracle Complex Maintenance, Repair, and Overhaul, allowing an...

Medium: containerd

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

AZL-79114 CVE-2023-39326 affecting package golang 1.25.7-1

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data up to about...

Oracle iReceivables 安全漏洞

Oracle iReceivables is an online account management application from Oracle Corporation USA. A security vulnerability exists in Oracle iReceivables versions 12.2.3-12.2.12, which can be exploited by an attacker to compromise Oracle iReceivables via HTTP access over the network, as well as...

SUSE CVE-2016-5545

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: GUI. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

CVE-2022-21260

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...

Oracle PeopleSoft PeopleSoft 组件安全漏洞

Oracle PeopleSoft Enterprise PeopleTools is a component of Oracle's tools and technology platform that supports the transformation of the way organizations manage, use, and maintain their PeopleSoft software. An information disclosure vulnerability exists in the Portal component of Oracle...

Oracle PeopleSoft Enterprise PeopleTools Authorization Issues Vulnerability

Oracle PeopleSoft Enterprise PeopleTools is a component of Oracle's tools and technology platform that supports the transformation of the way organizations manage, use, and maintain their PeopleSoft software. A security vulnerability in Oracle PeopleSoft Enterprise PeopleTools PIA Grids version...

CVE-2020-2934

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL...

CVE-2019-2591

Vulnerability in the PeopleSoft Enterprise HRMS component of Oracle PeopleSoft Products subcomponent: Candidate Gateway. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

UBUNTU-CVE-2018-10244

Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check...