mysql: Server: Security: Audit unspecified vulnerability (CPU Jul 2019)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Audit. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

D-Link DIR-600M License Issue Vulnerability

The D-Link DIR-600M is a wireless router from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DIR-600M, which can be exploited to allow a user to directly access the wan.htm file without authentication. The vulnerability can be exploited by an attacker to disclose...

CVE-2019-13101

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page...

CVE-2019-13101

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page...

CVE-2019-13101

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page...

Authentication flaw

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page...

CVE-2019-13101

D-Link DIR-600M (firmware 3.02–3.06) models expose wan.htm without authentication, allowing disclosure of WAN information and potential modification of page data. Exploitation details exist (Metasploit/Exploit-DB module) targeting authentication bypass, with documented testing on firmware 3.01–3....

WordPress JoomSport 3.3 SQL Injection

Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link: https://wordpress.org/plugins/joomsport-sports-league-results-management...

mysql: MyISAM unspecified vulnerability (CPU Jul 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: MyISAM. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

mysql: Client programs unspecified vulnerability (CPU Jul 2018)

Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

CVE-2019-5502

SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data...

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data using the Oracle Net protocol stack...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to modify, add, or delete data, or to cause service failures.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete data, or cause service interruptions...

Oracle Retail Applications Retail Xstore Office Component Access Control Error Vulnerability

Oracle Retail Applications is the United States Oracle Oracle company's set of retail applications store solutions. The product includes inventory management, sales management and customer management, etc. Retail Xstore Office is one of the Web-based central management console component. An acces...

Oracle Retail Applications Retail Customer Management and Segmentation Foundation Component Access Control Error Vulnerability (CNVD-2019-39858)

Oracle Retail Applications is a set of retail applications store solutions from Oracle Corporation Oracle. The product includes inventory management, sales management and customer management, etc. Retail Customer Management and Segmentation Foundation is one of the retail customer management...

Oracle Food and Beverage Applications Hospitality Gift and Loyalty Component Access Control Error Vulnerability

Oracle Food and Beverage Applications is a suite of food and beverage sales management solutions from Oracle Corporation, of which Hospitality Gift and Loyalty is one of the gift and membership components. An access control error vulnerability exists in the Oracle Food and Beverage Applications...

Oracle Demantra Demand Management Arbitrary File Execution Vulnerability

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation. The product provides value chain planning, value chain execution, product lifecycle management, etc. Demantra Demand Management is one of the components used to manage supply chain demand. A security...

The vulnerability of the Territory Administration sub-component of the Oracle Territory Management component of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Territory Administration sub-component of the Oracle Territory Management component in the Oracle E-Business Suite system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add...

The vulnerability of the Setup and Admin components of Oracle Knowledge Management, a business automation system from Oracle E-Business Suite, allows an attacker to access, modify, add, or delete data.

The vulnerability of the Setup and Admin components of Oracle Knowledge Management, a system for automating business activities within the Oracle E-Business Suite, is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to...

The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system, which is used for automating business operations. This vulnerability allows a malicious individual to gain access to modify, add, or delete data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system, a business automation system, is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to...