Oracle PeopleSoft Enterprise Common Components 安全漏洞

Oracle PeopleSoft Enterprise Common Components are a set of public components from Oracle Corporation USA. A security vulnerability exists in Oracle PeopleSoft Enterprise Common Components. A low-privileged attacker with network access via HTTP could compromise the PeopleSoft Enterprise Common...

Oracle MySQL 安全漏洞

Oracle MySQL is a relational database from Oracle Corporation. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL. An attacker can exploit this vulnerability to compromise MySQL Server by accessing the network over multiple protocols and perform unauthorized creation...

CVE-2022-21619

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to...

Oracle HTTP Server 安全漏洞

Oracle HTTP Server is the Web server component of Oracle Fusion Middleware from Oracle Corporation. A security vulnerability exists in Oracle HTTP Server versions 12.2.1.3.0 and 12.2.1.4.0. An attacker could exploit the vulnerability to update, insert, or delete database data...

CVE-2022-21635

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

PT-2022-24959 · Oracle · Oracle Access Manager

Name of the Vulnerable Software and Affected Versions: Oracle Access Manager version 12.2.1.3.0 Description: The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks can result in unauthorized update, insert, or delete acces...

Oracle JD Edwards Products 跨站脚本漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products provide application modules for financial management, project management, and asset lifecycle management. A cross-site scripting vulnerability exists in Oracle JD...

CVE-2022-21618

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...

PT-2022-6859

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 17.0.4.1 through 19 Oracle GraalVM Enterprise Edition versions 21.3.3 through 22.2.0 Description The issue is related to a vulnerability in the JGSS component of Oracle Java SE and Oracle GraalVM Enterprise Edition,...

IBM WebSphere Application Server 安全漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data...

CVE-2022-39800

SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information causing a limited...

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

CVE-2022-39013

Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the applicatio...

PT-2022-24669 · Sap Se +1 · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue allows an authenticated attacker to access OS credentials under certain conditions. This access enables the attacker to modify system data and potentially make the system...

The vulnerability of the SAP Enterprise Portal software integration platform lies in its lack of protection for website structures, allowing attackers to view, add, modify, or delete data.

The vulnerability of the SAP Enterprise Portal software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to remotely view, add, modify, or delete data...

The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform lies in the lack of security measures for the website structure, allowing attackers to view, add, modify, or delete data.

The vulnerability of the SAP NetWeaver Enterprise Portal software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to remotely view, add, modify, or delete data...