The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, allows an attacker to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management application, a part of the Oracle E-Business Suite, relates to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete data using the HTTP network protoc...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform in the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Marketing Administration component of Oracle’s marketing platform relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete...

keycloak: user can manage resources with just "view-profile" role using new Account Console

A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...

CVE-2020-14389

A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission...

Unspecified Vulnerability in Oracle Hospitality OPERA Property Services Logging

Oracle Hospitality OPERA 5 Property Services is a Windows-based application component of Oracle Corporation for processing payment card payments. A security vulnerability exists in Oracle Hospitality OPERA 5 Property Services Logging version 5.5, 5.6 that allows a highly privileged attacker to...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

...

Unspecified Vulnerability in Oracle Hyperion Analytic Provider Services Smart View Provider

Oracle Hyperion Analytic Provider Services is a set of financial modeling applications from Oracle Oracle. The software provides financial settlement, report production and other functions. A security vulnerability exists in Oracle Hyperion Analytic Provider Services Smart View Provider version...

Unspecified Vulnerability in Oracle Hyperion Infrastructure Technology UI and Visualization Components

Oracle Hyperion Infrastructure Technology is a financial analytics product from Oracle Corporation USA. A security vulnerability exists in the Oracle Hyperion Infrastructure Technology UI and Visualization components that could allow a highly privileged attacker to compromise Hyperion...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

Unspecified Vulnerability in Oracle Business Intelligence Enterprise Edition (CNVD-2020-59237)

Oracle Business Intelligence Enterprise Edition OBIEE is a business intelligence BI tool from Oracle Corporation. A security vulnerability exists in the Analytics Actions component in Oracle Business Intelligence Enterprise Edition 5.5.0.0.0, 12.2.1.3.0, 12.2.1.4.0. An attacker could use this...

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2020-61056)

Oracle BI Publisher is an intelligent business publishing product from Oracle USA. The product can output data in a certain format into a report format. A security vulnerability exists in Oracle Fusion Middleware component: E-Business Suite - XDO for multiple versions of Oracle BI Publisher. An...

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2020-59240)

Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. A security vulnerability exists in the BI Publisher Security component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...

Unspecified Vulnerability in Oracle BI Publisher (CNVD-2020-59241)

Oracle BI Publisher is a reporting solution that makes it easier and faster than traditional reporting tools to produce, manage and deliver all reports and documents. A security vulnerability exists in the E-Business Suite - XDO component in Oracle BI Publisher 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0,...

OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

Oracle WebLogic Server Access Control Issue Vulnerability

Oracle WebLogic Server is an Oracle Oracle application service middleware for cloud and traditional environments, which provides a modern lightweight development platform that supports the entire lifecycle management of applications from development to production and simplifies application...

Oracle Hospitality Suite8 WebConnect Unauthorized Access Vulnerability

Oracle Hospitality Suite8 is a digital solution for hotel management from Oracle. A security vulnerability exists in Oracle Hospitality Suite8 WebConnect version 8.10.2, versions 8.11 through 8.15, which allows an unauthenticated attacker to compromise Oracle Hospitality Suite8 by accessing the...

The vulnerability of the Windows operating system, related to privilege management errors, allows a perpetrator to elevate their privileges and gain access to data modification.

The vulnerability of the Windows operating system is related to privilege management errors. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain access to data modification through a specially created application...

Oracle Database Server Information Disclosure Vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. An information disclosure vulnerability exists in the Oracle Application Express Group...