EUVD-2018-2816

Malware in sbrugna...

The vulnerability of the components of the Oracle Enterprise Command Center Framework allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Diagnostics components of the Oracle Enterprise Command Center Framework is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through the HTTP network protocol...

CVE-2024-21268

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.11-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications...

PT-2024-9761 · Oracle · Oracle Enterprise Command Center Framework

Name of the Vulnerable Software and Affected Versions: Oracle Enterprise Command Center Framework versions 11 through 13 Description: The issue is related to insufficient input validation in the Diagnostics component of the Oracle Enterprise Command Center Framework. This can be exploited by a...

PT-2024-7013 · Oracle · Oracle E-Business Suite

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.11 through 12.2.13 Description: The issue is related to the Diagnostics component of Oracle Applications Manager, which is part of the Oracle E-Business Suite. It allows a low-privileged attacker with...

The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a system for automating business operations in enterprises under the Oracle E-Business Suite, allows a perpetrator to gain access to and modify data.

The vulnerability of the Diagnostics component of the Oracle Applications Framework software in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete dat...

PT-2023-3623 · Oracle · Oracle E-Business Suite +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.3.12 Description: The issue is related to insufficient input validation in the Diagnostics component of the Oracle Applications Framework product. It allows an unauthenticated attacker with...

The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a part of the Oracle E-Business Suite, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Diagnostics component of the Oracle Applications Framework software in the Oracle E-Business Suite exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

CVE-2022-21566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

CVE-2022-21566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

Oracle Applications Framework 输入验证错误漏洞

Oracle Applications Framework is an MVC-based web development framework from Oracle Corporation. An input validation error vulnerability exists in Oracle Applications Framework component: Diagnostics versions 12.2.9 through 12.2.11, which can be exploited by an attacker to gain web access over...

CVE-2021-35566

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-35552

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Diagnostics. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

Oracle E-Business Suite和Oracle Applications Manager 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP and includes a collection of ERP Enterprise Resource Planning Management, HR Human Resource Management, CRM Customer Relationship Management and other applications that are seamlessly integrated into one management suite. The...

The vulnerability of the Windows Mobile Device Management (MDM) Diagnostics component for Windows operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows Mobile Device Management MDM Diagnostics component of Windows operating systems is related to improper handling of connections. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created...

The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a part of the Oracle E-Business Suite, allows an intruder to access, modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Diagnostics component of the Oracle Applications Framework, a part of the Oracle E-Business Suite, relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

CVE-2019-2621

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

Memory corruption

An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'get ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of t...

CVE-2018-10750

An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'staticGet ' function and cause memory corruption. Furthermore, it is possible to redirect t...

CVE-2018-10747

An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'unset ' function and cause memory corruption. Furthermore, it is possible to redirect the flow...