7437 matches found
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting Exploit Title: Cross-site Scripting XSS Date: 2019-01-15 Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Version: 12.2.1.3...
CVE-2019-2413
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...
CVE-2019-2413
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...
Design/Logic Flaw
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...
CVE-2019-2413
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...
CVE-2019-2413
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...
CVE-2019-2413
CVE-2019-2413 affects Oracle Fusion Middleware’s Oracle Reports Developer component (subcomponent: Valid Session) in version 12.2.1.3. The flaw allows an unauthenticated attacker with network access over HTTP to compromise Oracle Reports Developer, with human interaction required for exploitation...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Business Developer. Rational Business Developer has addressed the applicable CVEs. These issues were disclosed as part of the IBM Java S...
JVN#58010349: WordPress plugin "spam-byebye" vulnerable to cross-site scripting
The WordPress plugin "spam-byebye" contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who can access the setup page of the affected plugin. Solution Update the plugin Update the plugin according to the...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
Code injection
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-16198
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...
CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
UBUNTU-CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
CVE-2018-6111
Removed by vendor...
Machine Learning to Detect Software Vulnerabilities
No one doubts that artificial intelligence AI and machine learning ML will transform cybersecurity. We just don't know how, or when. While the literature generally focuses on the different uses of AI by attackers and defenders and the resultant arms race between the two I want to talk about...