231 matches found
CVE-2021-1135
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2021-1270
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this...
CVE-2021-1133
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...
The vulnerability of the access control function of the IoT network management software Field Network Director allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the access control function in the IoT network management software Field Network Director is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data...
The vulnerability of the APIs of the Oracle Installed Base information storage center component in the Oracle E-Business Suite, which allows a perpetrator to access, modify, add, or delete data.
The vulnerability of the APIs of the Oracle Installed Base information storage center in the Oracle E-Business Suite relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the...
JVN#57942454: Cybozu Garoon vulnerable to improper input validation
Cybozu Garoon provided by Cybozu, Inc. contains an improper input validation vulnerability CWE-20. Impact A user who can login to the product may delete some data of the bulletin board. Solution Update the software and Apply the patch Update the software to Cybozu Garoon version 5.0.2, and then...
Oracle Trade Management Unauthorized Access Vulnerability
Oracle Trade Management is a trade management system from Oracle. It provides functions such as product categorization and allocation, import of purchase orders and letters of credit, and reconciliation of estimated and actual costs to improve trade efficiency and profitability. An unauthorized...
The vulnerability of the SWSE Server component of the Siebel UI Framework allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the SWSE Server component of the Siebel UI Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...
Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2020-54910)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploite...
CVE-2020-1571
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...
CVE-2020-1554
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
The vulnerability of the UI Servlet component of the Oracle Configurator allows a attacker to gain access to read, modify, add, or delete data.
The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...
Microsoft Windows Push Notification Service Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A security vulnerability exists in the way memory objects are handled in the Microsoft...
CVE-2020-14627
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2787
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...
The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...
The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Core RDBMS component of the database management system, Oracle Database Server, is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the OracleNet network...
The vulnerability of the Web Listener component of the Oracle HTTP Server allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.
The vulnerability of the Web Listener component of the Oracle HTTP Server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...
The vulnerability of the Console component of Oracle WebLogic Server allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Console component of Oracle WebLogic Server is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...