UBUNTU-CVE-2018-3060
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Oracle Java SE Security Updates-02 (jul2018-4258247) - Linux
Oracle Java SE is prone to multiple vulnerabilities...
UBUNTU-CVE-2018-3064
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Default configuration
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name...
CVE-2017-2638
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name...
OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
Security Bulletin: July 2016 Java Platform Standard Edition Vulnerabilities in N series Products
Summary: Multiple N series products incorporate the Oracle Java Platform, Standard Edition (Java SE) software libraries. Java SE JDK and JRE versions below 6u121, 7u111, and 8u101 are susceptible to multiple vulnerabilities, potentially leading to unauthenticated remote code execution, a partial...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Algo Risk Application (CVE-2017-5648)
Summary: IBM Algo One - Algo Risk Application could allow a remote attacker to bypass security restrictions, caused by the failure to use the appropriate facade object by certain application listener calls. Advisory 8335. Vulnerability Details: CVE-ID: CVE-2017-5648. Description: Apache Tomcat could...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Counterparty Credit Risk (CVE-2017-5648)
Summary: IBM Algo One - Counterparty Credit Risk could allow a remote attacker to bypass security restrictions, caused by the failure to use the appropriate facade object by certain application listener calls. Advisory 8335. Vulnerability Details: CVE-ID: CVE-2017-5648. Description: Apache Tomcat coul...
CVE-2018-1085
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users...
Joomla! Plugin NextGen Editor SQL Injection Vulnerability
Joomla! is an open source content management system (CMS) that provides RSS feeds, site search, etc. NextGenEditor is one of those plugins that allows you to build your entire website. A SQL injection vulnerability exists in the Joomla! plugin NextGen Editor. An attacker could use this vulnerabilit...
JB Bus SQL Injection Vulnerability in Joomla!
Joomla! is an open source content management system (CMS). JB Bus is a component that creates functionality for online bus booking websites. Joomla JB Bus suffers from a SQL injection vulnerability. An attacker could use this vulnerability to corrupt the application, access or modify data, or exploi...
News PHP SQL Injection Vulnerability
News PHP is a script that includes admin panel management and author management. News PHP suffers from a SQL injection vulnerability. An attacker could use this vulnerability to compromise an application, access or modify data, or exploit a potential vulnerability in the underlying database...
OpenDaylight Controller SQL Injection Vulnerability
OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven open source software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. Controller is one of the controllers. An SQL...
PT-2018-16029 · Oracle +6 · Mysql Server +6
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.60 and prior Oracle MySQL versions 5.6.40 and prior Oracle MySQL versions 5.7.22 and prior Oracle MySQL versions 8.0.11 and prior Description: The issue allows a high privileged attacker with network access via...
Information disclosure
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data...
CVE-2018-11036
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data...
Wecodex Hotel CMS 1.0 - Admin Login SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/hotel-management-system-in-php-and-mysql/7 Version: 1.0...