Lucene search
K

231 matches found

Positive Technologies
Positive Technologies
added 2021/10/04 12:0 a.m.4 views

PT-2021-30996

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the Blink browser module’s rendering engine due to errors in the implementation of security checks for standard elements. Successful exploitation could allow a remote...

9.4CVSS5.3AI score0.00187EPSS
Exploits0References19
BDU FSTEC
BDU FSTEC
added 2021/09/17 12:0 a.m.6 views

The vulnerability of the Icinga system for monitoring network resources’ accessibility lies in its lack of sufficient validation of input data. This allows attackers to add, modify, or delete information within the system.

The vulnerability of Icinga’s system for monitoring network resources exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to add, modify, or delete information remotely...

9CVSS7.1AI score0.01803EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2021/09/15 7:15 p.m.4 views

CVE-2021-33704

The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack...

8.8CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 2021/08/18 5:36 a.m.19 views

CVE-2021-20768

Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege...

5.6AI score0.00818EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.5 views

Minecraft 路径遍历漏洞

Minecraft My World is a Swedish sandbox game by Mojang. Minecraft had a path traversal vulnerability prior to 1.17.1 that originated when online-mode=false was configured to allow path traversal to delete arbitrary JSON files...

7.5CVSS6.7AI score0.0143EPSS
Exploits0References4
OSV
OSV
added 2021/06/01 12:15 p.m.4 views

CVE-2021-27828

SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

9.1CVSS7.3AI score0.2028EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/06/01 11:24 a.m.29 views

CVE-2021-27828

SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries...

9.8AI score0.2028EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2021/05/19 12:0 a.m.138 views

In4Suit ERP 3.2.74.1370 SQL Injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite...

0.2AI score
Exploits0
0day.today
0day.today
added 2021/05/19 12:0 a.m.41 views

In4Suit ERP 3.2.74.1370 - (txtLoginId) SQL injection Vulnerability

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite ERP 3.2.74.1370...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2021/05/19 12:0 a.m.234 views

In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows CVE: CVE-2021-27828 ----------------------------------------- SQL...

9.1CVSS9.6AI score0.2028EPSS
Exploits2
OSV
OSV
added 2021/04/22 10:15 p.m.5 views

CVE-2021-2267

Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Labor Distribution...

8.1CVSS6.8AI score0.00987EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.7 views

The vulnerability of the TCP/IP protocol implementation in the Stack Trace stack allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the TCP/IP protocol implementation in the Trace stack is related to integer overflows. Exploiting this vulnerability allows a remote attacker to gain access to modify, add, or delete data...

7.5CVSS7.2AI score0.03171EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that information.

The vulnerability of the Print Server component of the Oracle One-to-One Fulfillment application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

9.4CVSS7.8AI score0.01511EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.5 views

The vulnerability of the Message Display component of the Oracle Email Center software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...

9CVSS7.7AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Worklist component of the Oracle Workflow system allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Worklist component of the Oracle Workflow system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information, or to modify, add, or delete data using the HTTP...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts allows a malicious individual to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.8 views

The vulnerability of the Runtime Catalog component of the Oracle iStore system, a system for creating, managing, and personalizing online stores, allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Runtime Catalog component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acce...

8.2CVSS7.7AI score0.01169EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.4 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to read, modify, add, or delete data using the...

8.2CVSS7.7AI score0.01255EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.8 views

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...

8.2CVSS7.7AI score0.01155EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder