Lucene search
K

231 matches found

OSV
OSV
added 2021/01/20 9:15 p.m.4 views

CVE-2021-1135

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...

4.3CVSS5.9AI score0.00632EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 8:15 p.m.3 views

CVE-2021-1270

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this...

6.5CVSS6.7AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 8:15 p.m.3 views

CVE-2021-1133

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...

7.3CVSS7.2AI score0.01084EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.5 views

The vulnerability of the access control function of the IoT network management software Field Network Director allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the access control function in the IoT network management software Field Network Director is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data...

4.1CVSS5.4AI score0.0071EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/05 12:0 a.m.6 views

The vulnerability of the APIs of the Oracle Installed Base information storage center component in the Oracle E-Business Suite, which allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the APIs of the Oracle Installed Base information storage center in the Oracle E-Business Suite relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the...

5CVSS6.4AI score0.01011EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/11/04 12:0 a.m.46 views

JVN#57942454: Cybozu Garoon vulnerable to improper input validation

Cybozu Garoon provided by Cybozu, Inc. contains an improper input validation vulnerability CWE-20. Impact A user who can login to the product may delete some data of the bulletin board. Solution Update the software and Apply the patch Update the software to Cybozu Garoon version 5.0.2, and then...

6.5CVSS6.5AI score0.01669EPSS
Exploits0
CNVD
CNVD
added 2020/10/22 12:0 a.m.3 views

Oracle Trade Management Unauthorized Access Vulnerability

Oracle Trade Management is a trade management system from Oracle. It provides functions such as product categorization and allocation, import of purchase orders and letters of credit, and reconciliation of estimated and actual costs to improve trade efficiency and profitability. An unauthorized...

9.1CVSS8.9AI score0.02797EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/09/17 12:0 a.m.4 views

The vulnerability of the SWSE Server component of the Siebel UI Framework allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the SWSE Server component of the Siebel UI Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...

6.1CVSS6.8AI score0.0112EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/09/11 12:0 a.m.1 views

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2020-54910)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploite...

7.8CVSS7.5AI score0.01089EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 7:15 p.m.3 views

CVE-2020-1571

An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...

7.3CVSS7.5AI score0.01076EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 7:15 p.m.2 views

CVE-2020-1554

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...

7.8CVSS7.1AI score0.03463EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/05 12:0 a.m.7 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows a attacker to gain access to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, or delete data using the HTTP protocol...

8.2CVSS7.7AI score0.01349EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/07/20 12:0 a.m.3 views

Microsoft Windows Push Notification Service Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A security vulnerability exists in the way memory objects are handled in the Microsoft...

7.8CVSS6.7AI score0.00762EPSS
Exploits0References1
OSV
OSV
added 2020/07/15 6:15 p.m.4 views

CVE-2020-14627

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

6.1CVSS5.8AI score0.00984EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.4 views

CVE-2020-2787

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

7.3CVSS7.1AI score0.01014EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.5 views

The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

4.7CVSS5.9AI score0.01043EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.4 views

The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

4.7CVSS5.9AI score0.01043EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.8 views

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Core RDBMS component of the database management system, Oracle Database Server, is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data using the OracleNet network...

3.5CVSS5.8AI score0.00784EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.6 views

The vulnerability of the Web Listener component of the Oracle HTTP Server allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the Web Listener component of the Oracle HTTP Server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...

6.1CVSS6.7AI score0.0109EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.8 views

The vulnerability of the Console component of Oracle WebLogic Server allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Console component of Oracle WebLogic Server is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...

4.3CVSS5.8AI score0.0097EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder