CVE-2023-21871

CVE-2023-21871 concerns Oracle MySQL Server, component InnoDB. The connected documents confirm affected versions up to 8.0.31 and earlier, with an attacker able to exploit remotely across multiple protocols to achieve a hang or crash (complete DOS) of MySQL Server. The material does not provide s...

CVE-2023-21870

CVE-2023-21870 is a MySQL Server vulnerability in the Server: Optimizer component. Affected versions are 8.0.31 and earlier. The issue allows a high-privilege attacker with network access via multiple protocols to cause a hang or complete denial of service (DOS) on the MySQL Server, per the initi...

CVE-2023-21868

CVE-2023-21868 is a vulnerability in Oracle MySQL Server (Server: Optimizer). Affected are MySQL 8.0.31 and earlier. A low-privilege, network-access attacker can cause a hang or crash (DOS). This is corroborated by connected advisories stating the same affected component/versions and impact. Reme...

CVE-2023-21866

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21864

CVE-2023-21864 is a MySQL Server vulnerability in the Oracle MySQL product (component: Server: Optimizer). Affected versions listed across connected docs are 8.0.30 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeat...

CVE-2023-21865

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21845

Affected product: Oracle PeopleSoft – PeopleTools, Panel Processor component in version 8.60. Vulnerability details: insufficient input validation in Panel Processor allows a low-privileged, network-accessible attacker via HTTP to perform unauthorized update/insert/delete on some data and unautho...

CVE-2023-21838

The CVE-2023-21838 entry affects Oracle WebLogic Server (Fusion Middleware Core) with versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. The issue is due to insufficient input validation in the Core component, allowing an unauthenticated attacker with network access via T3 or IIOP to trigger a hang...

CVE-2023-21836

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2023-21830

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows...

CVE-2023-21824

CVE-2023-21824 affects Oracle Communications BRM – Elastic Charging Engine, within Oracle Communications Applications. Affected versions are 12.0.0.3.0 through 12.0.0.7.0. The vulnerability allows a high-privilege attacker who can log on to the infrastructure where the Elastic Charging Engine run...

CVE-2022-39429

The CVE-2022-39429 entry affects Oracle Database Server’s Java VM component on 19c and 21c. The vulnerability is exploitable by a low-privilege attacker with Create Procedure privilege and network access via Oracle Net, enabling partial denial of service of the Java VM. This conclusion is support...

Cross site scripting

A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic. Affected is an unknown function of the file users.php. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. VDB-218454 is the identifier assigned ...

Oracle Enterprise Manager Ops Center UI or Other Patch (Oct 2019 CPU)

The version of Oracle Enterprise Manager Ops Center installed on the remote host is affected by a vulnerability as described in the October 2019 Critical Patch Update CPU. Vulnerability in the Enterprise Manager Ops Center product of Oracle Enterprise Manager component: Networking jQuery. Support...

InHand Networks InRouter

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: InHand Networks Equipment: InRouter302, InRouter615 Vulnerabilities: Cleartext Transmission of Sensitive Information, OS Command Injection, Use of a One-way Hash with a Predictable Salt, Improper Acces...

CVE-2017-16327

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVE-2017-16317

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

Buffer overflow

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

Buffer overflow

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

Buffer overflow

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...