Microsoft Windows Media Foundation Memory Corruption Vulnerability (CNVD-2020-48267)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Media Foundation A memory corruption vulnerability exists in Microsoft...

Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CNVD-2020-46575)

Microsoft Windows is an operating system for personal devices from Microsoft.The Windows Codecs Library is one of the audio and video codecs in the... A remote code execution vulnerability exists in the Microsoft Windows Codecs Library, which stems from a problem with the way the Microsoft Window...

Microsoft Windows Media Foundation Memory Corruption Vulnerability (CNVD-2020-48266)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Media Foundation A memory corruption vulnerability exists in Microsoft...

The vulnerability of the Tile Server component of the Oracle Fusion Middleware MapViewer software allows a intruder to gain access to modify, add, or delete data.

The vulnerability of the Tile Server component of the Oracle Fusion Middleware MapViewer visualization software relates to the lack of security measures for the web page structure. Exploiting this vulnerability allows a malicious actor to remotely access and modify, add, or delete data using the...

The vulnerability of the Expenses component in the PeopleSoft Enterprise FIN Expenses business application suite allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Expenses component in the PeopleSoft Enterprise FIN Expenses business application is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information or to modify,...

The vulnerability of the Time and Labor component of the Oracle PeopleSoft Enterprise HRMS application allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Time and Labor component of the Oracle PeopleSoft Enterprise HRMS is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected informati...

The vulnerability of the Web Container component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Web Container server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete data...

The vulnerability of the Rich Text Editor component in the Oracle PeopleSoft Enterprise PeopleTools business application package allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Rich Text Editor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information or to modify...

The vulnerability of the Setup component in mobile applications of Oracle CRM Gateway for Mobile Devices allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Setup component in mobile applications belonging to the Oracle CRM Gateway for Mobile Devices is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to modify, add, or delete data...

The vulnerability of the Setup component in mobile applications of Oracle CRM Gateway for Mobile Devices allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Setup component in mobile applications belonging to the Oracle CRM Gateway for Mobile Devices is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the InnoDB component of the Oracle MySQL Server database management system allows a attacker to gain read, modify, add, or delete access to data.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to read, modify, add, or delete data using the MySQL protocol...

The vulnerability of the Analytics Web Answers component of the Oracle Business Intelligence Enterprise Edition software allows a hacker to gain access to, modify, add, or delete data, or to cause service interruptions.

The vulnerability of the Analytics Web Answers component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or cause a service failure...

The vulnerability of the Address Book component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows a malicious individual to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Address Book component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

Vulnerability of the Infrastructure component of the Oracle Financial Services Analytical Applications Infrastructure software; unauthorized access to protected information; or ability to modify, add, or delete data.

The vulnerability of Oracle Financial Services Analytical Applications Infrastructure’s component is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information or to modify, add, or...

PT-2020-3654 · Microsoft · Windows Media Foundation +1

Name of the Vulnerable Software and Affected Versions: Windows Media Foundation affected versions not specified Description: The issue is caused by a memory corruption vulnerability in Windows Media Foundation, allowing an attacker to install programs, view, change, or delete data, or create new...

OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Sky SKYSEA Client View Path Traversal Vulnerability

Sky SKYSEA Client View is an enterprise IT asset management tool from Sky Japan. A security vulnerability exists in Sky SKYSEA Client View versions 12.200.12n through 15.210.05f. The vulnerability can be exploited by an attacker to gain unauthorized access, modify/access sensitive information or...