Lucene search
K

116 matches found

Openbugbounty
Openbugbounty
added 2023/11/30 6:28 p.m.4 views

ebs-bortolazzi.com Improper Access Control vulnerability OBB-3798810

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Chainguard
Chainguard
added 2023/11/14 9:31 p.m.257 views

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, prometheus-adapter, aws-efs-csi-driver-fips, ip-masq-agent, nodetaint, aws-efs-csi-driver, spark-operator, kubernetes-dns-node-cache, aws-ebs-csi-driver...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2023/11/14 9:31 p.m.31 views

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: ip-masq-agent, kubernetes-dns-node-cache, nodetaint, prometheus-adapter, spark-operator, aws-efs-csi-driver...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2023/11/14 9:15 p.m.56 views

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, prometheus-adapter, aws-efs-csi-driver-fips, ip-masq-agent, nodetaint, aws-efs-csi-driver, spark-operator, kubernetes-dns-node-cache, aws-ebs-csi-driver...

8.8CVSS6.9AI score0.03578EPSS
Exploits0
Wolfi
Wolfi
added 2023/11/14 9:15 p.m.68 views

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: ip-masq-agent, kubernetes-dns-node-cache, nodetaint, prometheus-adapter, spark-operator, aws-efs-csi-driver...

8.8CVSS6.9AI score0.03578EPSS
Exploits0
Wolfi
Wolfi
added 2023/11/10 7:15 p.m.89 views

CVE-2023-47108 vulnerabilities

Vulnerabilities for packages: envoy-ratelimit, kubevela, volume-modifier-for-k8s, kubescape, cri-tools, temporal-server, buildkitd, k3s, temporal, docker-compose, kubernetes, kine, kubernetes-csi-external-resizer, metrics-server...

7.5CVSS6.8AI score0.01592EPSS
Exploits0
Chainguard
Chainguard
added 2023/10/25 9:17 p.m.83 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: terraform-provider-sendgrid, kubernetes-csi-livenessprobe, kubernetes-csi-livenessprobe-fips, dynamic-localpv-provisioner-fips, smarter-device-manager-fips, kubeflow-fips, prometheus-adapter-fips, timestamp-authority-fips, slsa-verifier, aws-efs-csi-driver-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2023/10/11 10:15 p.m.2958 views

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: prometheus-elasticsearch-exporter-fips, oauth2-proxy, chartmuseum, thanos-operator, prometheus-postgres-exporter, k8sgpt-operator, kpt, trust-manager, aws-efs-csi-driver-fips, terraform, bank-vaults-fips, memcached-exporter, aws-efs-csi-driver, nats,...

7.5CVSS6.7AI score0.03796EPSS
Exploits0
Chainguard
Chainguard
added 2023/07/03 9:30 p.m.16 views

GHSA-CGCV-5272-97PR vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver...

7.3AI score
Exploits0
Chainguard
Chainguard
added 2023/07/03 9:15 p.m.41 views

CVE-2023-2728 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver...

6.5CVSS6.7AI score0.02157EPSS
Exploits1
Chainguard
Chainguard
added 2023/06/16 9:30 a.m.19 views

GHSA-XC8M-28VV-4PJC vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver...

7.3AI score
Exploits0
Chainguard
Chainguard
added 2023/06/16 8:15 a.m.42 views

CVE-2023-2431 vulnerabilities

Vulnerabilities for packages: aws-ebs-csi-driver...

5.5CVSS5.8AI score0.00257EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.5 views

PT-2023-2528 · Oracle · Oracle Iprocurement +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the E-Content Manager Catalog component. It allows a low-privileged attacker with network access via HTTP to...

5.5CVSS5.3AI score0.00377EPSS
Exploits0References4
Metasploit
Metasploit
added 2023/03/01 7:50 p.m.314 views

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

This module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user. Module Options msf use...

9.8CVSS9.8AI score0.98342EPSS
Exploits7
CVE
CVE
added 2023/01/17 11:35 p.m.70 views

CVE-2023-21825

CVE-2023-21825 affects Oracle E-Business Suite’s Oracle iSupplier Portal (Supplier Management). Versions 12.2.6–12.2.8 are affected. An unauthenticated, network-accessible attacker can exploit via HTTP to obtain unauthorized read access to a subset of data. The issue is described as easily exploi...

5.3CVSS4.4AI score0.00506EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2022/07/04 2:58 p.m.323 views

U.S. Dept Of Defense: Local File Read vulnerability on ██████████ [HtUS]

Kindly check screenshot ███████: In case if scope question. Because i picked this site from DOD website list under 'dod sites'. Lets move on to the bug now : Summary: Local File Include vulnerability on ███. Oracle Ebs Bispgrapgh is prone to a directory traversal vulnerability that can be exploit...

0.4AI score
Exploits0
CVE
CVE
added 2022/05/19 11:55 p.m.184 views

CVE-2022-21500

CVE-2022-21500 affects Oracle E-Business Suite, specifically the Manage Proxies component, with the vulnerable line item in 12.2 (12.1 is not impacted). The issue enables an attacker to access or potentially take over data in the Oracle E-Business Suite via HTTP over the network, with CVSSv3.1 ba...

7.5CVSS7.6AI score0.70589EPSS
In wildExploits1References2Affected Software2
OSV
OSV
added 2022/01/19 12:15 p.m.3 views

CVE-2022-21354

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks...

6.1CVSS7.3AI score0.00706EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2021/12/06 3:23 p.m.23 views

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

In case you didn’t hear, Amazon hosted AWS re:Invent in Las Vegas last week. As has come to be expected at the annual mega-event, Amazon made a number of huge announcements and launched a significant number of improvements and brand-new services and settings to enhance their public cloud platform...

7.5AI score
Exploits0
CVE
CVE
added 2021/07/20 10:44 p.m.64 views

CVE-2021-2406

CVE-2021-2406 affects Oracle E-Business Suite’s Oracle Collaborative Planning product, User Interface component. Affected versions are 12.1.1–12.1.3. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise Oracle Collaborative Planning, potentially enabling u...

8.1CVSS7.8AI score0.00987EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder