13 matches found
CVE-2026-0046
In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48550
In testGrantSlicePermission of SliceManagerTest.java, there is a possible permanent denial of service due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-242537498
In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Oracle - SYS.LT.REMOVEWORKSPACE Evil Cursor
Oracle - SYS.LT.REMOVEWORKSPACE Evil Cursor -- -- sys-lt-removeworkspaceV2.sql -- -- -- Oracle SYS.LT.REMOVEWORKSPACE exploit 9iR2/10gR1,10gR2,11gR1 -- Evil cursor technique -- -- Grant dba permission to unprivileged user -- -- -- REF: http://www.google.it/search?q=SYS.LT.REMOVEWORKSPACE -- --...
Oracle - SYS.LT.COMPRESSWORKSPACETREE Evil Cursor
-- -- sys-lt-compressworkspacetreeV2.sql -- -- -- Oracle SYS.LT.COMPRESSWORKSPACETREE exploit 9iR2/10gR1,10gR2,11gR1 -- Evil cursor technique -- -- Grant dba permission to unprivileged user -- -- -- REF: http://www.google.it/search?q=SYS.LT.COMPRESSWORKSPACETREE -- -- AUTHOR: Andrea "bunker"...
Oracle SYS.LT.REMOVEWORKSPACE Exploit
-- -- sys-lt-removeworkspaceV2.sql -- -- -- Oracle SYS.LT.REMOVEWORKSPACE exploit 9iR2/10gR1,10gR2,11gR1 -- Evil cursor technique -- -- Grant dba permission to unprivileged user -- -- -- REF: http://www.google.it/search?q=SYS.LT.REMOVEWORKSPACE -- -- AUTHOR: Andrea "bunker" Purificato --...
XSS vulnerability at "Edit Space Permissions"
Description: XSS vulnerability at "Edit Space Permissions" page Exploit: Write to the "Grant permission to" field: "alertdocument.cookie"...
XSS vulnerability at "Edit Space Permissions"
Description: XSS vulnerability at "Edit Space Permissions" page Exploit: Write to the "Grant permission to" field: "alertdocument.cookie"...
XSS vulnerability at "Edit Space Permissions"
Description: XSS vulnerability at "Edit Space Permissions" page Exploit: Write to the "Grant permission to" field: "alertdocument.cookie"...
Oracle 10g - KUPM$MCP.MAIN SQL Injection
Oracle 10g - KUPM$MCP.MAIN SQL Injection !/usr/bin/perl Remote Oracle KUPM$MCP.MAIN exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.red-database-security.com/ AUTHOR: Andrea "bunker" Purificato...
oracleaj-perm.txt
!/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.securityfocus.com/bid/16294 AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com DATE:...
Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit
No description provided by source. !/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.securityfocus.com/bid/16294 AUTHOR: Andrea "bunker" Purificato...
Oracle 10g - KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission
!/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: https://www.securityfocus.com/bid/16294 AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com DATE...