Input validation

A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service DoS condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to...

CVE-2020-3131 Cisco Webex Teams Adaptive Cards Denial of Service Vulnerability

A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service DoS condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to...

Security Bulletin: API Connect is impacted by a vulnerability in PHP (CVE-2019-11043)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11043 DESCRIPTION: In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocat...

KLA11535 An elevation of privilege vulnerability in Microsoft Developer Tools

An elevation of privilege vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2019-1211 Related products Microsoft-Visual-Studio CVE list CVE-2019-1211 warning KB list Solution Install necessary updates...

Topcoder: Stored-Xss at connect.topcoder.com/projects/ affected on project chat members

Hi team , I'm sorry for my bad report and english , but i wish you understand the impact of that bug here , if it well performed the sers may lose their access to their sso accounts Summary: While a developer at connect.topcoder.com can manage a messages about his/her project with someonelse , Th...

CVE-2020-2533

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2534

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2533

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2534

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Design/Logic Flaw

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2534

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2533

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2534

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2533

CVE-2020-2533 affects Oracle Fusion Middleware’s Oracle Reports Developer (component: Security and Authentication) with affected versions 12.2.1.3.0 and 12.2.1.4.0. The vulnerability allows an unauthenticated attacker who can reach Oracle Reports Developer over HTTP to compromise data, with the a...

KLA11634 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in ASP.NET Core can be exploited remotely via special...

Oracle Reports Developer Multiple Remote Security Vulnerabilities

Description Oracle Reports Developer is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Security and Authentication' component is affected. These vulnerabilities affect the following supported versions: 12.2.1.3.0, 12.2.1.4....

Fedora Update for python39 FEDORA-2019-7a0a8d022f

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Pixel Update Bulletin—January 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2020-01-01 or later address, at a minimum, all issues in this bulletin and all issues associated with t...

KLA11718 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

Security Bulletin: API Connect is impacted by credential caching

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4444 DESCRIPTION: IBM API Connect Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials...