Lucene search
K

347 matches found

BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.5 views

The vulnerability of the Web Container (JavaServer Faces) component of the Oracle WebLogic Server application server allows a attacker to disclose sensitive information that is protected by security measures.

The vulnerability of the Web Container JavaServer Faces component of the Oracle WebLogic Server application server is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information using the HTTP...

7.8CVSS6.8AI score0.10124EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2020/01/15 12:0 a.m.3 views

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2020-08167)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

6.5CVSS8AI score0.10124EPSS
Exploits0References1
Symantec
Symantec
added 2020/01/14 12:0 a.m.63 views

Oracle WebLogic Server CVE-2020-6950 Remote Security Vulnerability

Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Container JavaServer Faces' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0, 12.2.1.4.0 Technologies...

1AI score0.10124EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2019/12/19 12:0 a.m.180 views

Oracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle ADF Faces. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Remote Regions component. The issue results from the lack of proper validation of...

9.8CVSS4.2AI score0.14264EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.6 views

The vulnerability of the ADF Faces sub-component of the Oracle JDeveloper component and the ADF software platform of Oracle Fusion Middleware allows a perpetrator to gain full control over the application.

The vulnerability of the ADF Faces sub-component of the Oracle JDeveloper component and the ADF software platform of Oracle Fusion Middleware is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the...

10CVSS7.7AI score0.14264EPSS
Exploits0References5Affected Software21
OpenVAS
OpenVAS
added 2019/11/08 12:0 a.m.13 views

Forcepoint Email Security Detection (HTTP)

HTTP based detection of Forcepoint Email Security. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/10/17 12:0 a.m.447 views

Oracle WebLogic Server Multiple Vulnerabilities (Oct 2019 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the jquery component of the Web Services of Oracle Weblogic Server. An unauthenticated, remote attacker can exploit this to gain unauthorized update, inser...

8.1CVSS6.9AI score0.87218EPSS
Exploits15References11
OSV
OSV
added 2019/10/16 6:15 p.m.25 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS7.5AI score0.14264EPSS
Exploits0References7
NVD
NVD
added 2019/10/16 6:15 p.m.29 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS9.3AI score0.14264EPSS
Exploits0References7
Cvelist
Cvelist
added 2019/10/16 5:40 p.m.29 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS9.2AI score0.14264EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2019/10/16 5:40 p.m.19 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS7.3AI score0.14264EPSS
Exploits0References7
CNVD
CNVD
added 2019/10/16 12:0 a.m.5 views

Oracle JDeveloper and ADF Unauthorized Access Vulnerability

Oracle JDeveloper is an integrated development environment that provides end-to-end support for modeling, developing, debugging, optimizing, and deploying Java applications and Web services.Oracle ADF is an end-to-end Java EE framework that simplifies application development by providing...

9.8CVSS9.3AI score0.14264EPSS
Exploits0References1
Symantec
Symantec
added 2019/10/15 12:0 a.m.72 views

Oracle JDeveloper and ADF CVE-2019-2904 Remote Security Vulnerability

Description Oracle JDeveloper and ADF are prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'ADF Faces' package is affected. This vulnerability affects the following supported versions: 11.1.1.9.0, 12.1.3.0.0, 12.2.1.3.0 Technologies Affect...

1.6AI score0.14264EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/10/02 1:58 p.m.63 views

CVE-2019-17091

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled...

7.4AI score0.02469EPSS
Exploits1References17
Debian CVE
Debian CVE
added 2019/10/02 1:58 p.m.29 views

CVE-2019-17091

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled...

6.1CVSS6.5AI score0.02469EPSS
Exploits1
Symantec
Symantec
added 2019/10/02 12:0 a.m.63 views

Eclipse Mojarra CVE-2019-17091 Cross Site Scripting Vulnerability

Description Eclipse Mojarra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may all...

0.2AI score0.02469EPSS
Exploits1References3Affected Software3
0day.today
0day.today
added 2019/09/22 12:0 a.m.51 views

Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting Vulnerability

Exploit for java platform in category web applications ======================================================================= title: Reflected Cross-Site Scripting XSS product: Oracle Mojarra JSF included in Java EE 7 Eclipse Mojarra JSF vulnerable version: 2.2 & 2.3 fixed version:...

7.4AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2019/08/09 11:0 p.m.138 views

This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station'

The Surveillance Detection Scout can track license plates and faces near your Tesla—with all the privacy concerns that implies...

3.2AI score
Exploits0
HackRead
HackRead
added 2019/02/16 3:37 p.m.96 views

Website uses Artificial Intelligence to create utterly realistic human faces

By Waqas A new way for cybercriminals to create fake social media profiles and carry identity scams using Artificial Intelligence powered tool? A couple of months ago it was reported that NVIDIA has developed a tool that uses Artificial Intelligence to create extremely realistic human faces which...

1.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/02/15 12:0 a.m.5 views

The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform allows a perpetrator to gain unauthorized access to data.

The vulnerability of the Java Server Faces component of the Oracle GlassFish Server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to data using the HTTP protocol...

5.3CVSS6.3AI score0.01657EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder