CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

Oracle CRM Technical Foundation 安全漏洞

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on a variety of management software collection, is a seamless integration of a management suite. Oracle...

Design/Logic Flaw

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

CVE-2021-27962

CVE-2021-27962 affects Grafana Enterprise 7.2.x and 7.3.x (before 7.3.10) and 7.4.x (before 7.4.5). The vulnerability allows a dashboard editor to bypass a permission check on a data source they should not access. This is a permission‑level bypass in the data source access path. The CVSS metrics ...

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

CVE-2021-27962

A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality. Mitigation If you are using the Enterprise version of Grafana, you ca...

Grafana Labs Grafana Enterprise 安全漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise that stems from a user with the...

CVE-2021-1870

creationtimestamp| type| source ---|---|--- 2021-01-27 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=543 2021-11-08 08:58:17+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2021-11-20 09:53:52+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05...

CVE-2021-1353

creationtimestamp| type| source ---|---|--- 2021-01-20 22:33:28+00:00| seen| https://t.me/cibsecurity/22456...

CVE-2021-21242

creationtimestamp| type| source ---|---|--- 2021-01-16 00:51:28+00:00| seen| https://t.me/cibsecurity/22233...

CVE-2021-3121

creationtimestamp| type| source ---|---|--- 2021-01-11 12:45:18+00:00| seen| https://t.me/cibsecurity/21896 2024-01-15 19:46:59+00:00| seen| https://t.me/arpsyndicate/2803...

DEBIAN-CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

UBUNTU-CVE-2020-36187

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

PT-2021-3168 · Apache +3 · Apache Tomcat +3

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.8 Description: The issue is related to the interaction between serialization gadgets and typing, specifically involving the org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

DEBIAN-CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

FasterXML jackson-databind code issue vulnerability

FasterXML jackson-databind is a JAVA-based library that can convert data formats such as XML and JSON to JAVA objects. jackson-databind can easily convert Java objects to json objects and xml documents, and likewise convert json, xml to Java objects. A code issue vulnerability exists in versions...

Information Disclosure

DBI module is vulnerable to information disclosure. Local attackers could open files from folders other than those specifically passed via the fdir attribute in the data source name DSN...