CVE-2020-15793

A vulnerability has been identified in Desigo Insight All versions. The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could allow an unauthenticated attacker to retrieve or modify data in the context of a legitimate user by...

CVE-2020-15793

A vulnerability has been identified in Desigo Insight All versions. The device does not properly set the X-Frame-Options HTTP Header which makes it vulnerable to Clickjacking attacks. This could allow an unauthenticated attacker to retrieve or modify data in the context of a legitimate user by...

The vulnerability of the InnoDB component of the MySQL Database Server allows a attacker to create, delete, or modify access to critical data, or all data accessible to the MySQL Server, or cause service interruptions.

The vulnerability of the InnoDB component of the MySQL Database Management System is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to create, delete, or modify access to critical data or all data accessible to the MySQL Server. It can also cause...

Design/Logic Flaw

Trend Micro Antivirus for Mac 2020 Consumer contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data. An attacker must...

The vulnerability of the Application Express component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Application Express component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data...

Mediatek MT7620N Authentication Bypass Vulnerability

The Mediatek MT7620N is an IEEE802.11n on-chip routing chip from China's MediaTek. An authentication bypass vulnerability exists on the Mediatek MT7620N 1.06 device, which can be exploited by an attacker to identify information or potentially modify data...

mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructu...

CVE-2019-18989

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which wou...

CVE-2019-18991

A partial authentication bypass vulnerability exists on Atheros AR9132 3.60AMX.8, AR9283 1.85, and AR9285 1.0.0.12NA devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sen...

CVE-2019-18990

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a...

CVE-2019-18991

A partial authentication bypass vulnerability exists on Atheros AR9132 3.60AMX.8, AR9283 1.85, and AR9285 1.0.0.12NA devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sen...

Authentication flaw

A partial authentication bypass vulnerability exists on Atheros AR9132 3.60AMX.8, AR9283 1.85, and AR9285 1.0.0.12NA devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sen...

CVE-2019-18990

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a...

CVE-2019-18989

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which wou...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages arises from insufficient validation of input data, allowing unauthorized access to data modifications.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to and modify data...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages arises from insufficient validation of input data, allowing unauthorized access to data modifications.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to and modify data remotely...

The vulnerability of the Workbench search system of Oracle Commerce Guided Search and the Oracle Commerce Experience Manager, a tool for managing the user environment, allows an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Workbench search engine component of Oracle Commerce Guided Search and the Oracle Commerce Experience Manager user environment management tool exists due to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to...

The vulnerability of the Security component of the Oracle AutoVue data visualization application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Security component of the Oracle AutoVue data visualization application is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

Vulnerability of the MySQL Server component: The Pluggable Auth feature of the MySQL database management system allows attackers to gain access to modify, add, or delete data.

The vulnerability of the MySQL Server component, the Pluggable Auth system for database management, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the MySQL Protocol...

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite system allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to access and modify, add, or delete data...