513 matches found
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a business automation solution, allows a perpetrator to gain access to read, modify, and delete information.
The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete...
Vulnerability of the Server component: The MySQL Server database management system’s Optimizer component allows a hacker to gain unauthorized access for creating, deleting, and modifying data.
The vulnerability of the MySQL Server component, which is part of the database management system, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, and modify data...
The vulnerability of the Unified Audit component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, and delete information.
The vulnerability of the Unified Audit component of the Oracle Database Server management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete data...
The vulnerability in the virtual graphics adapter VMSVGA of the Oracle VM VirtualBox software allows a hacker to escalate their privileges and execute arbitrary code.
The vulnerability of the Virtual Graphics Adapter VMSVGA in the Oracle VM VirtualBox virtualization software is related to deficiencies in access control. This vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code...
The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication process, allows attackers to circumvent security restrictions.
The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
The vulnerability of the system administration program Sudo, related to deficiencies in authentication mechanisms, allows attackers to escalate their privileges.
The vulnerability of the system administration program Sudo is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the EMUI audio framework of the HarmonyOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the EMUI audio framework of the HarmonyOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the RAS Security component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the RAS Security component of the Oracle Database Server system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...
The vulnerability of the Blitz Identity Provider software, related to deficiencies in the authentication process, allows a perpetrator to change the email address of a user’s account.
The vulnerability of the Blitz Identity Provider software is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to change the email address of a user’s account remotely...
The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information by...
Navigating the Deep: Signature Extraction on Deep Neural Networks
Neural network model extraction has emerged in recent years as an important security concern, as adversaries attempt to recover a network's parameters via black-box queries. A key step in this process is signature extraction, which aims to recover the absolute values of the network's weights laye...
The vulnerability of the Apache OFBiz resource planning software lies in the lack of adequate protection measures for web page structures, allowing attackers to carry out XSS attacks.
The vulnerability of Apache OFBiz’s resource planning software is related to deficiencies in the security measures used to protect web page structures. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of the formSafeEmailFilter() function in the Tenda FH451 router software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formSafeEmailFilter function in the Tenda FH451 router software lies in the lack of data cleaning measures at the management level when processing the page parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the DataHandler class in the TYPO3 content management system allows attackers to enhance their privileges and gain unauthorized access to protected information.
The vulnerability of the DataHandler class in the TYPO3 content management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected information...
CVE-2023-28829
A vulnerability has been identified in SIMATIC NET PC Software V14 All versions, SIMATIC NET PC Software V15 All versions, SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC WinCC All versions V8.0, SINAUT Software ST7sc All versions. Before...
CVE-2023-3441
An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches...
The vulnerability of the setWiFiEasyCfg/setWiFiEasyGuestCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software allows a attacker to escalate their privileges.
The vulnerability of the setWiFiEasyCfg/setWiFiEasyGuestCfg function in the /cgi-bin/cstecgi.cgi file of the TOTOLINK A3700R wireless router software is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
Zoo Management System /admin/profile.php File SQL Injection Vulnerability
Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contactnumber in the file /admin/profile.php. An attacker can exploit this...
The vulnerability of the Share Livestream module in the UniFi Protect video surveillance system allows a intruder to gain unauthorized access to protected information.
The vulnerability of the Share Livestream module in the UniFi Protect video surveillance system is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to circumvent existing security restrictions and execute arbitrary code.
The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute arbitrary code...