10511 matches found
SUSE CVE-2022-21465
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
SUSE CVE-2022-21488
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
SUSE CVE-2022-21496
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
SUSE CVE-2022-21527
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21556
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21618
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...
SUSE CVE-2022-21619
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to...
SUSE CVE-2022-39399
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerabilit...
PT-2023-2474 · Php +10 · Php +10
Name of the Vulnerable Software and Affected Versions: PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 Description: The issue is related to the core path resolution function in PHP, which allocates a buffer one byte too small. When resolving...
samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided
A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between...
The vulnerability of the Oracle Database RDBMS Security component of the Oracle Database Server allows a perpetrator to gain unauthorized access to protected data or to have control over the modification, addition, or deletion of protected data.
The vulnerability of the Oracle Database RDBMS Security component of the Oracle Database Server system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data or to modify, add, or...
The vulnerability of the Javautils sub-component of Oracle Application DBA systems, which is used in Oracle E-Business Suite, allows attackers to modify, add, or delete protected data.
The vulnerability of the Javautils sub-component of Oracle Application DBA systems, which is part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete protected data...
The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a malicious individual to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected data or to modify, add, o...
The vulnerability of the Synchronization sub-component of the Oracle Mobile Field Service component in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete protected data.
The vulnerability of the Synchronization sub-component of the Oracle Mobile Field Service component in the Oracle E-Business Suite enterprise automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker who operates remotely to modify,...
The vulnerability of the XML security component of the Oracle Web Services Manager application on the Oracle Fusion Middleware software platform allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the XML Security component of the Oracle Web Services Manager application in the Oracle Fusion Middleware software platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected data o...
The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component of the Oracle E-Business Suite, a business automation system, allows an attacker to gain access to modify, add, or delete protected data.
The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component in the Oracle E-Business Suite enterprise automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify,...
DEBIAN-CVE-2023-22332
Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 4.4 series, 4.3.0 to 4.3.4 4.3 series, 4.2.0 to 4.2.11 4.2 series, 4.1.0 to 4.1.14 4.1 series, 4.0.0 to 4.0.21 4.0 series, All versions of 3.7 series, All versions of 3.6 series, All versions of 3.5 series, All versions of 3....
The vulnerability of the Pocket Outlook Sync (PocketPC) component of the Oracle Sales for Handhelds module in the Oracle E-Business Suite allows a perpetrator to access, modify, add, or delete protected data.
The vulnerability of the Pocket Outlook Sync PocketPC component of the Oracle Sales for Handhelds component in the Oracle E-Business Suite automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, ...
The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a perpetrator to access, modify, add, or delete protected data. This component is part of the Oracle E-Business Suite, which serves as an automation tool for business activities.
The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete protected data...
Vulnerability of the MySQL Server component: Security: Encryption. This component allows a hacker to gain unauthorized access for reading, modifying, or deleting data, or to cause a service failure.
The vulnerability of the MySQL Server component’s Security: Encryption module is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service interruptions...