Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞

Oracle WebLogic Server is a product of Oracle Corporation. Oracle WebLogic Server is an application services middleware for cloud and traditional environments that provides a modern, lightweight development platform that supports the entire lifecycle management of applications from development to...

CVE-2022-21541

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to...

PT-2022-4252

Name of the Vulnerable Software and Affected Versions Oracle Java SE version 17.0.3.1 Oracle GraalVM Enterprise Edition versions 21.3.2 through 22.1.0 Description The issue is related to insufficient input validation in the Libraries component of Oracle Java SE and Oracle GraalVM Enterprise...

CVE-2022-21549

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated...

Oracle FLEXCUBE Universal Banking 输入验证错误漏洞

Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...

Oracle ZFS Storage Appliance 输入验证错误漏洞

Oracle ZFS Storage Appliance is a storage appliance that supports flash memory, petabyte file storage and built-in Oracle database from Oracle USA. A security vulnerability exists in the Oracle ZFS Storage Appliance that could be exploited by an attacker to cause unauthorized update, insertion, o...

Oracle Fusion Middleware 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle USA. The platform provides middleware, software collections, and other capabilities. An input validation error vulnerability exists in Oracle Fusion...

Oracle Java SE和Oracle GraalVM 输入验证错误漏洞

Oracle Java SE is an Oracle Corporation product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. Oracle Java SE Component: Hotspot suffers from an input validation error vulnerability that stems from a hard-to-exploit...

Oracle Fusion Middleware 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, and other capabilities. SOA Suite is a component for building, deploying, and managing Service...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The products include core banking, online banking, and property management.FLEXCUBE Universal Banking is one of the Internet and mobile banking solution components. An input validation error...

Oracle Financial Services Applications 输入验证错误漏洞

Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking, and property management. An input validation error vulnerability exists in Oracle Banking Trade Finance component: Infrastructure version 14.5, whic...

PT-2022-3832 · Oracle · Mysql Shell For Vs Code

Name of the Vulnerable Software and Affected Versions: MySQL Shell for VS Code versions 1.1.8 and prior Description: The issue is related to insecure privilege management in the MySQL Shell for VS Code component. It allows an attacker to gain read, modify, or delete access to data. The...

PT-2022-3736 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.29 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to...

CVE-2022-32456

Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify, delete database or disrupt service...

PT-2022-4924 · Sap · Sap Enterprise Portal

Name of the Vulnerable Software and Affected Versions: SAP Enterprise Portal versions 7.10 through 7.50 Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to view, add, modify, or delete data. This is due to insufficient encoding of...

The vulnerability of the Infrastructure component of the Oracle Banking Trade Finance software allows a perpetrator to create, delete, or alter access to critical data, gain read-only access to data, or cause partial service disruption.

The vulnerability of Oracle Banking Trade Finance’s Infrastructure component is related to errors in the code. Exploiting this vulnerability allows a malicious actor to create, delete, or alter access to critical data, gain read-only access to data, or cause partial service interruptions through...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a attacker to gain read access to data or modify data.

The vulnerability of the Console component of the Oracle WebLogic Server application lies in reading data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to gain access to read data or modify data through specially crafted HTTP requests...

The vulnerability of the My Links component of the PeopleSoft Enterprise Interaction Hub software, which allows a hacker to gain access to read data or modify data.

The vulnerability of the My Links component of the PeopleSoft Enterprise Interaction Hub content management software exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data or modify data using HTTP...

The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to gain access to modify, add, or delete data, or cause the system to crash or fail in rare cases.

The vulnerability of the Core component in Oracle VM VirtualBox exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or cause the system to freeze or, in rare cases, crash...

The vulnerability of the Financial Gateway component of the PeopleSoft Enterprise FIN Cash Management software allows a perpetrator to gain read access to data or modify data.

The vulnerability of the Financial Gateway component of the PeopleSoft Enterprise FIN Cash Management software exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data or modify data using specially...