10504 matches found
CVE-2020-16272
The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection...
Design/Logic Flaw
The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection...
CVE-2020-16272
The CVE-2020-16272 entry concerns Kee Vault KeePassRPC prior to 1.12.0. The SRP-6a implementation lacks validation of a client-provided parameter, enabling remote attackers over a WebSocket (A=0) connection to read and modify data in the KeePass database. Multiple sources (NVD entry, Red Hat advi...
CVE-2020-4328
IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839...
Mail.ru: В самокате можно просматривать и изменять данные любого заказа без авторизации
IDOR in smart.space API allowed to change orders and list items of order content...
The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to...
The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access t...
The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access t...
The vulnerability of the java.io.tmpdir component in the Apache Ant build automation tool allows a attacker to modify data or gain unauthorized access to protected information.
The vulnerability of the java.io.tmpdir component in the Apache Ant build automation tool is related to errors in handling temporary files. Exploiting this vulnerability can allow an attacker to modify data or gain unauthorized access to protected information...
The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation Foundation software allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...
The vulnerability of the Data Masking component regarding data copying from working Oracle systems allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.
The vulnerability of Data Masking in copying data from Oracle workstations exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to protected information...
The vulnerability of the Oracle Database - Enterprise Edition component of the Oracle Database Server system allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Oracle Database - Enterprise Edition database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...
The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...
The vulnerability of the CRM User Management Framework component of Oracle Common Applications allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the CRM User Management Framework component of Oracle Common Applications is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...
The vulnerability of the CRM User Management Framework component of Oracle Common Applications allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the CRM User Management Framework component of Oracle Common Applications is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to modify, add, or delete data...
The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...
The vulnerability of the Oracle Application Express component of the Oracle Database Server database management system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Oracle Application Express component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized acces...
The vulnerability of the Console component of the Oracle WebLogic Server application server allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Console component of the Oracle WebLogic Server application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information...
The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software, which is used for collecting configuration information about client configurations. This vulnerability allows an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Discovery and collection script component of the Oracle Configuration Manager software lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to...
The vulnerability of the SQL component of the Oracle Database Server system allows attackers to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the SQL component of the Oracle Database Server database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected...