Unspecified Vulnerability in Oracle E-Business Suite Marketing Component

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

Unspecified Vulnerability in Oracle E-Business Suite Workflow

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. Workflow E-Business Suite is one...

Unspecified Vulnerability in Oracle Fusion Middleware Outside In Technology (CNVD-2019-37236)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. An...

Unspecified Vulnerability in Oracle Database Server Core RDBMS Component (CNVD-2019-37211)

Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Core RDBMS is one of the relational database core components. An unspecified vulnerability exists in the...

Unspecified Vulnerability in Oracle Fusion Middleware Outside In Technology (CNVD-2019-37232)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle Corporation. The platform provides middleware, software collections, etc. Outside In Technology is one of the software development kit components. An...

Unspecified Vulnerability in Oracle Java SE and Java SE Embedded (CNVD-2019-37219)

Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation.Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle Java SE Embedded is a Java platform that targets Java...

Oracle Database Server Java VM Component Input Validation Error Vulnerability

Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Java VM is one of the Java virtual machine components. An input validation error vulnerability exists in t...

CVE-2019-17354

wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00AARP.9C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page...

CVE-2019-17354

wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00AARP.9C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page...

CVE-2019-17354

The CVE concerns the wan.htm page on Zyxel NBG-418N v2 (firmware V1.00(AARP.9)C0) and is triggered by an authentication bypass. The vulnerability allows direct access to WAN information and enables an attacker to modify data fields on the affected page. Evidence in connected records confirms the ...

CVE-2019-17353

CVE-2019-17353 affects D-Link DIR-615 devices with firmware version 20.05 and 20.07. The issue: the WAN management page (wan.htm) is accessible directly without authentication, leading to potential disclosure of WAN information and the ability for an attacker to modify data fields on that page. T...

The vulnerability of the InnoDB component of the MySQL Database Server allows a hacker to gain access to modify, add, or delete data, or to cause service interruptions.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data, causing system downtime or service failures...

Guojiz Change Password Interface Has Arbitrary User Privilege Vulnerability

Guojiz is a light community system based on layui front-end framework and thinkphp. Guojiz password change interface has any user privilege vulnerability, an attacker can use this vulnerability to modify any user's data table information, so as to enhance their own or other people's privileges...

CVE-2019-12665

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2019-11661

Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data...

Design/Logic Flaw

Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data...

CVE-2019-11661

CVE-2019-11661 affects Micro Focus Service Manager versions 9.30–9.62 (as listed in the CVE). The vulnerability is described as allowing changes to some table by a non-SysAdmin, leading to unauthorized access and modification of data. The provided sources do not specify the underlying root cause,...

CVE-2019-11669

Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data...

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...