The vulnerability of the Oracle Solaris operating system’s kernel allows a perpetrator to gain access to modify, add, or delete data, or cause partial service failure.

The vulnerability of the Oracle Solaris operating system’s kernel exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or cause partial service interruptions...

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthoriz...

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application exists due to insufficient verification of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information, or to modif...

The vulnerability of the Oracle Application Express Data Reporter component of the Oracle Database Server database management system allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the Oracle Application Express Data Reporter component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain...

The vulnerability of the Lifecycle Management component of the Hyperion Infrastructure Technology management solution allows a perpetrator to gain read access to data and modify it.

The vulnerability of the Lifecycle Management component of the Hyperion Infrastructure Technology exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read, modify, add, or delete data using the HTT...

The vulnerability of the AME Page rendering component of the Oracle Approvals Management component within the Oracle E-Business Suite system, which allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability in the AME Page rendering of the Oracle Approvals Management component of the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, add, or delete data through HTTP...

OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

The vulnerability of the Change Management sub-component of the Oracle Engineering component in the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, add, or delete data.

The vulnerability of the Change Management sub-component of the Oracle Engineering component in the Oracle E-Business Suite exists due to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, add, or delete data through HTT...

Car Rental Management System SQL注入漏洞

Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...

Car Rental Management System SQL注入漏洞

Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...

Car Rental Management System SQL注入漏洞

Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...

mysql: InnoDB unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

BD Synapsys 代码问题漏洞

BD Synapsys is a software application from Biddy Medical BD that provides data management and workflow functionality in clinical diagnostic activities in laboratories. A code issue vulnerability exists in BD Synapsys versions 4.20, 4.20 SR1, and 4.30 that stems from insufficient session expiratio...

BD Synapsys

1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Synapsys Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or delete...

Improper Access Control

publifycore is vulnerable to improper access control. The vulnerability exists in the update function in contentcontroller.rb due to improper validation of user permissions which allows an unauthorized user to modify the data in the system...

Cybozu Garoon Input Validation Error Vulnerability (CNVD-2022-54301)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An input validation error vulnerability exists in Cybozu Garoon, which stems from insufficient user-supplied inpu...

OpenJDK: Improper ECDSA signature verification (Libraries, 8277233)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows...

OpenJDK: URI parsing inconsistencies (JNDI, 8278972)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...