1072 matches found
UC Browser is the presence of man in the middle attacks(MITM)vulnerability that could impact more than a billion devices-vulnerability warning-the black bar safety net
Researchers find UC Browser in the presence of a vulnerable functional block can be exploited by attackers to perform MiTM attacks. Because the UC Browser using the HTTP Protocol to communicate with the server, the transmission information is not encrypted, so the would be attacker hook request...
. NET advanced code audit of the fifth classes . NET Remoting deserialization vulnerability-vulnerability warning-the black bar safety net
In recent days foreign security researcher Soroush Dalili @irsdl公布了.NET the Remoting application may exist deserializing a security risk, when the server using the HTTP channel of the SoapServerFormatterSinkProvider class as the channel of the receiver and will automatically deserialize the...
The vulnerability of the NX-API network operating system function of Cisco NX-OS routers allows attackers to execute arbitrary commands.
The vulnerability of the NX-API network operating system function in Cisco NX-OS routers is related to the lack of measures for input data sanitization. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary commands with superuser privileges by sending malicious HTT...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID: CVE-2019-9618 ============================================= I. VULNERABILIT...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID:...
The vulnerability of the WebCenter Spaces Application component of the Oracle WebCenter Portal web platform, which allows a intruder to gain unauthorized access to protected data
The vulnerability of the WebCenter Spaces Application web platform’s Oracle WebCenter Portal relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...
The vulnerability of the Outside In Filters component within the software development kit (SDK) of Outside In Technology allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using th...
The vulnerability of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system allows attackers to gain access to protected information.
The vulnerability of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system relates to insufficient access control. Exploiting this vulnerability could allow an attacker operating remotely to gain access to protected information using the HTTP protocol...
The vulnerability of the Outside In Filters component of the software development kit (SDK) from Outside In Technology allows a attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the HTTP protocol...
Vulnerability of the Application Container component – The JavaEE application server Oracle WebLogic Server, which allows attackers to gain unauthorized access to protected data
The vulnerability of the Application Container component – the JavaEE application server Oracle WebLogic Server – is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP...
The vulnerability of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system allows a perpetrator to alter the access rights to files.
The vulnerability of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system relates to insufficient access control. Exploiting this vulnerability could allow an attacker, operating remotely, to alter the access rights to files using the HTTP protocol...
The vulnerability of the UIF Open UI component of the Oracle Siebel UI Framework software platform allows a malicious actor to gain unauthorized access to protected data. This vulnerability exists in the Oracle Siebel CRM system, which manages customer relationships.
The vulnerability of the UIF Open UI component of the Oracle Siebel UI Framework, a system for managing customer relationships in Oracle Siebel CRM, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access...
The vulnerability of the User Interface component of the Oracle Hyperion Common Events service allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the User Interface component of the Oracle Hyperion Common Events service is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...
The vulnerability of the Login component of the Farmagonzora Oracle Argus Safety platform allows a intruder to gain unauthorized access to protected data.
The vulnerability of the Console component of the Oracle Argus Safety pharmaceutical monitoring platform is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protoco...
The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to data.
The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to data using the HTTP protocol...
The vulnerability of the WLS component – the Web Services server of Oracle WebLogic Server – allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the WLS component—the Web Services server of Oracle WebLogic Server—is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...
The vulnerability of the Elastic Search component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Elastic Search component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using...
CVE-2019-3822
CVE-2019-3822 affects libcurl 7.36.0 through before 7.64.0. The vulnerability is a stack-based buffer overflow in the NTLM header creation path: Curl_auth_create_ntlm_type3_message() uses unsigned arithmetic to guard a local buffer, but the check is insufficient, allowing the output data to excee...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...
The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected data.
The vulnerability of the Query component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the HTTP protocol...