The vulnerability of the Tools and Frameworks component of the Oracle Commerce Guided Search search engine and the Oracle Commerce Experience Manager user environment management tool allows a perpetrator to gain access to and modify data.

The vulnerability of the Tools and Frameworks component of the Oracle Commerce Guided Search system, as well as the Oracle Commerce Experience Manager user environment management tool, exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to ga...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...

Vulnerability of the Cluster component: The JS module of the Oracle MySQL Cluster database management system, which allows a hacker to cause a service failure.

Vulnerability of the Cluster component: The JS module of the Oracle MySQL Cluster database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the HTTP protocol over the network...

The vulnerability of the Email Marketing Stand-Alone component of the Oracle Siebel CRM system allows a hacker to modify data or gain unauthorized access to the device.

The vulnerability of the Search component in Oracle Siebel CRM’s customer relationship management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized access to the...

The vulnerability of the SDK client integration component of the Oracle Advanced Outbound Telephony component of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, add, or delete data.

The vulnerability of the SDK client integration component of the Oracle Advanced Outbound Telephony component of the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read,...

The vulnerability of the User Interface sub-component of the Oracle Collaborative Planning component of the Oracle E-Business Suite allows a perpetrator to access and modify data.

The vulnerability of the User Interface sub-component of the Oracle Collaborative Planning product, a business automation system within the Oracle E-Business Suite, exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to...

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Person Search component of the Oracle PeopleSoft Enterprise HCM Shared Components application exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthoriz...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK set is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure using the HTTP protocol...

OPENSUSE-SU-2022:0148-1 Security update for varnish

This update for varnish fixes the following issues: varnish was updated to release 7.1.0 boo1195188 CVE-2022-23959 VCL: It is now possible to assign a BLOB value to a BODY variable, in addition to STRING as before. VMOD: New STRING strftimeTIME time, STRING format function for UTC formatting...

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

Exploit for CVE-2022-21907

CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

Apache Tomcat Allows Source Disclosure

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...

GHSA-X445-MMPW-7R4F Apache Tomcat Allows Source Disclosure

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification i.e. HTTP/1.0...

GHSA-7WJ2-48C4-2684 Apache Tomcat Denial of Service vulnerability in the Catalina package

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...

Apache Tomcat Denial of Service vulnerability in the Catalina package

The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.6 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests...

Slackware: Security Advisory (SSA:2017-300-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-25226

ThinVNC version 1.0b1 allows an unauthenticated user to bypass the authentication process via 'http://thin-vnc:8080/cmd?cmd=connect' by obtaining a valid SID without any kind of authentication. It is possible to achieve code execution on the server by sending keyboard or mouse events to the serve...

The vulnerability of the Samples component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Samples component of the Oracle WebLogic Server application server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data using the HTTP...