Oracle Marketing Unauthorized Access Vulnerability (CNVD-2020-27000)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

Oracle Marketing Unauthorized Access Vulnerability (CNVD-2020-26999)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

Unspecified Vulnerability in Oracle E-Business Suite One-to-One Fulfillment (CNVD-2020-38197)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software, the software provides customer relationship management, service management, financial management and other functions. The software provides customer...

Oracle Marketing Unauthorized Access Vulnerability (CNVD-2020-27002)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

Unspecified Vulnerability in Oracle E-Business Suite Depot Repair (CNVD-2020-36237)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. An unspecified vulnerability exists in Oracle...

Unspecified Vulnerability in Oracle E-Business Suite One-to-One Fulfillment (CNVD-2020-38198)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software, the software provides customer relationship management, service management, financial management and other functions. The software provides customer...

Unspecified Vulnerability in Oracle Learning Management

Oracle E-Business Suite is in the original Application ERP based on the expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on a variety of management software collection, is a seamless integration of a management...

Oracle Marketing Unauthorized Access Vulnerability (CNVD-2020-27005)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

Unspecified Vulnerability in Oracle iSupport

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. iSupport is one of the Internet-based customer support...

Oracle VM VirtualBox (Apr 2020 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.40, 6.0.x prior to 6.0.20 or 6.1.x prior to 6.1.6. It is, therefore, affected by multiple vulnerabilities as noted in the April 2019 Critical Patch Update advisory. Note that Nessus has not tested for this issue...

Default credentials

SAP Business Objects Business Intelligence Platform CMC, version 4.1, 4.2, shows cleartext password in the response, leading to Information Disclosure. It involves social engineering in order to gain access to system and If password is known, it would give administrative rights to the attacker to...

PT-2020-2546

Name of the Vulnerable Software and Affected Versions Java SE versions 11.0.6 and 14 Description The issue is related to insufficient access control in the JSSE component of Java SE, allowing an unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks can...

Community Input Validation Error Vulnerability

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management.Community is one of the plug-ins that support users to create albums and add photos. A security vulnerability exists in Community versi...

Huawei Taurus-AL00B Resource Management Error Vulnerability

The Huawei Taurus-AL00B is a smartphone from the Chinese company Huawei Huawei. A resource management error vulnerability exists in previous versions of Huawei Taurus-AL00B 10.0.0.203 C00E201R7P2. A local attacker could exploit the vulnerability to modify information and affect the usability of t...

Insulet Omnipod Insulin Management System Access Control Error Vulnerability

Insulet Omnipod Insulin Management System is an insulin management system from Insulet USA. An Access Control Error vulnerability exists in the Insulet Omnipod Insulin Management System, which arises from a failure of the wireless RF communication protocol to properly implement authentication or...

The vulnerability of the Media Foundation component in Windows operating systems allows a hacker to gain access and modify data.

The vulnerability of the Media Foundation component in Windows operating systems is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow an attacker to gain access to, modify, or delete data through a specially created document or a specially created web pag...

WordPress Plugin Custom Searchable Data System - Unauthenticated Data M]odification

Exploit Title: Wordpress Plugin Custom Searchable Data System - Unauthenticated Data modification Date: 13 March 2020 Exploit Author: Nawaf Alkeraithe Vendor Homepage: https://wordpress.org/plugins/custom-searchable-data-entry-system/ Software Link:...

Microsoft Windows Microsoft Windows Media Foundation Memory Corruption Vulnerability

Microsoft Windows is an operating system for personal devices from Microsoft, of which Media Foundation is a multimedia development library. A memory corruption vulnerability exists in Microsoft Windows Media Foundation, which arises from a program's failure to properly handle memory objects and...

HackerOne: Changes to data in a CVE request after draft via GraphQL query

Summary: Our team has conducted a number of studies tests in the field of CVE Request. We found several statuses of such requests Awaiting Publication, Pending HackerOne approval, Cancelled . At the time of creating the request , we can change the data. However, we noticed that we can 't change...

Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Data Modification and Deletion

The estimated 2,000+ sites running the plugin are vulnerable to Unauthenticated Data Modification and Deletion, including the potential to delete the entire contents of any table in a vulnerable site’s database...