30 matches found
EUVD-2020-6766
Malware in sbrugna...
EUVD-2022-26605
Malicious code in bioql PyPI...
EUVD-2022-26606
Malicious code in bioql PyPI...
EUVD-2023-26248
Malicious code in bioql PyPI...
CVE-2022-21383
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Log. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2022-21381
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2013-4958
Puppet Enterprise before 3.0.1 does not use a session timeout, which makes it easier for attackers to gain privileges by leveraging an unattended workstation...
CVE-2022-21382
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2020-14630
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications Applications component: File Upload. Supported versions that are affected are 8.1.0, 8.2.0 and 8.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
Oracle Session Border Controller (January 2022 CPU)
The versions 8.4 and 9.0 of Oracle Enterprise Session Border Controller product of Oracle Communications installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2022 CPU advisory, including the following: - Easily exploitable vulnerability allows low...
CVE-2023-22083
CVE-2023-22083 pertains to Oracle’s Enterprise Session Border Controller (ESBC) Web UI. The issue, affecting ESBC versions 9.0–9.2, arises from insufficient input validation in the Web UI. An unauthenticated attacker who can reach the ESBC over HTTPS can trigger a read access to a subset of data,...
PT-2023-6205 · Oracle · Oracle Enterprise Session Border Controller
Name of the Vulnerable Software and Affected Versions: Oracle Enterprise Session Border Controller versions 9.0 through 9.2 Description: The issue is related to insufficient input validation in the Web UI component. It allows an unauthenticated attacker with network access via HTTPS to compromise...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...
Oracle Enterprise Session Border Controller Denial of Service Vulnerability
Oracle Communications is a product of Oracle Corporation USA. A denial-of-service vulnerability exists in Oracle Enterprise Session Border Controller, which could be exploited by an attacker to cause a partial denial of service in Oracle Enterprise Session Border The vulnerability can be exploite...
CVE-2022-21381
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2022-21382
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
Design/Logic Flaw
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2022-21383
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Log. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2022-21383
CVE-2022-21383 affects Oracle Communications’ Oracle Enterprise Session Border Controller (E-SBC), specifically the “Log” component. Affected software versions are 8.4 and 9.0. The vulnerability allows a low-privilege, network-authenticated attacker (via HTTP) to compromise the E-SBC and can lead...
CVE-2022-21383
Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Log. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...