Design/Logic Flaw

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorre...

The vulnerability of the Pre Login component of Oracle FLEXCUBE Direct Banking system allows a perpetrator to modify data or gain privileged access.

The vulnerability of the Pre Login component of the Oracle FLEXCUBE Direct Banking system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to modify data or gain privileged access using network packets...

The vulnerability of the Analytics Web General component of the Oracle Business Intelligence Enterprise Edition software platform arises from insufficient validation of input data. This allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Analytics Web General component of the Oracle Business Intelligence Enterprise Edition software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to the ability to modify, add, or...

The vulnerability of the UI Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to read data or modify data.

The vulnerability of the UI Framework component of the Enterprise Manager Base Platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read data or to modify, add, or delete data through HTTP requests...

The vulnerability of the Web Listener component of the Oracle HTTP Server allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Web Listener component of the Oracle HTTP Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain read access to data or modify data remotely...

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software lies in insufficient validation of input data. This allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Analytics Actions component of the Oracle Business Intelligence Enterprise Edition software exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely gain access to the ability to modify, add, or delete da...

The vulnerability of the Task Automation component of the Oracle Hyperion Financial Management application allows a perpetrator to gain read access to data, modify data, cause partial service disruption, or obtain privileged access.

The vulnerability of the Task Automation component of the Oracle Hyperion Financial Management application exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain read access to data, modify data, cause partial service failure, or...

The vulnerability of the FMW Control Plugin sub-component of the Enterprise Manager for Fusion Middleware software platform allows a malicious individual to gain access to data, modify data, or cause a partial service disruption.

The vulnerability of the FMW Control Plugin component of the Enterprise Manager for Fusion Middleware software from Oracle exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read access to data, modify data, or cause a partial service...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a perpetrator to gain read access to data, modify data, or cause partial service disruption.

The vulnerability of the Outside In Filters component within Oracle’s software development kit SDK “Outside In Technology” exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to gain read access to data, modify, add, or delete data, or cause a...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows a attacker to access, modify, add, or delete data.

The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data through HTTP requests...

Vulnerability of the Server component: The Stored Procedure of the Oracle MySQL Server database management system, which allows attackers to access, modify, add, or delete data, or cause service interruptions.

The vulnerability of the Oracle MySQL Server database management system’s stored procedures is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data, or cause service interruptions using the MySQL networ...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s packaging allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Oracle MySQL Server database management system component involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data using the MySQL network protocol...

The vulnerability of the Shopping Cart component of the Oracle Knowledge Management component within the Oracle E-Business Suite allows a malicious individual to access, modify, add, or delete data, as well as gain unauthorized access to protected information.

The vulnerability of the Shopping Cart component of the Oracle Knowledge Management component within the Oracle E-Business Suite involves deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, as well as gain...

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows attackers to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.

The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete...

The vulnerability of the Attribute Admin Setup component of the Oracle Partner Management application within the Oracle E-Business Suite allows a malicious individual to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.

The vulnerability of the Attribute Admin Setup component in the Oracle Partner Management application of the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, as well as gain...

The vulnerability of the access control mechanism of Cisco Firepower Management Center (FMC) allows a perpetrator to gain access to modify, add, or delete data, as well as to gain unauthorized access to protected information.

The vulnerability of the access control mechanism of Cisco Firepower Management Center FMC is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data, as well as to gain unauthorized access to protect...

The vulnerability of the Profiles component of the Oracle Application Object Library in the Oracle E-Business Suite allows a perpetrator to access data for modification, addition, or deletion, as well as gain unauthorized access to protected information.

The vulnerability of the Profiles component of the Oracle Application Object Library in the Oracle E-Business Suite system for enterprise automation activities is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, ...

The vulnerability in the web interface of the Cisco Firepower Management Center software allows a perpetrator to access, modify, add, or delete data, as well as gain unauthorized access to protected information.

The vulnerability of the web interface for managing Cisco Firepower Management Center FMC software involves a lack of security measures for the web page structure. Exploiting this vulnerability allows an attacker operating remotely to access, modify, add, or delete data, as well as gain...

The vulnerability of the Bill Issues component of the Oracle Bills of Material application in the Oracle E-Business Suite allows a malicious individual to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.

The vulnerability of the Bill Issues component of the Oracle Bills of Material application within the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, as well as gain...

The vulnerability of the Kernel component of the Oracle Solaris operating system allows a perpetrator to trigger a service failure or gain access to modify, add, or delete data.

The vulnerability of the Kernel component in Oracle Solaris operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain access to modify, add, or delete data...