
4510 matches found

OSV
added 2024/10/29 10:15 p.m. | 1 view

DEBIAN-CVE-2024-10488

Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 8.2 AI score | 0.00517 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2024/10/29 12:0 a.m. | 2 views

A vulnerability in the JavaScript script handlers of the Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the JavaScript script handlers of the Google Chrome and Microsoft Edge browsers is related to type confusion errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information through a specially crafte...

10 CVSS | 7.4 AI score | 0.15111 EPSS
Exploits 2 | References 13 | Affected Software 6

BDU FSTEC
added 2024/10/28 12:0 a.m. | 4 views

A vulnerability in the User Interface component of the application for interacting with customers in Oracle Quoting, a system for automating business operations in the Oracle E-Business Suite, allows an attacker to gain unauthorized access to read, add, modify, or delete data.

The vulnerability of the User Interface component of the application for interacting with customers in Oracle Quoting, a system for automating business operations in the Oracle E-Business Suite, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow ...

8.5 CVSS | 7.6 AI score | 0.00422 EPSS
Exploits 0 | References 3 | Affected Software 2

CNNVD
added 2024/10/25 12:0 a.m. | 5 views

Sharp MFP Security Vulnerability

Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from not properly handling URL data in HTTP PUT requests, resulting in a path traversal vulnerability that could retrieve unexpected internal files when processing a carefully...

5.3 CVSS | 9 AI score | 0.00541 EPSS
Exploits 0 | References 3

CNNVD
added 2024/10/25 12:0 a.m. | 3 views

Huly Platform Security Vulnerability

Huly Platform is an all-in-one project management platform from Huly open source. A security vulnerability exists in Huly Platform version v0.6.295. An attacker can exploit the vulnerability to execute arbitrary code by uploading a specially crafted HTML file to the tracker comment page...

6.1 CVSS | 7.4 AI score | 0.00349 EPSS
Exploits 0 | References 1

Positive Technologies
added 2024/10/25 12:0 a.m. | 3 views

PT-2024-31797 · Sharp +1 · Sharp Mfps +1

Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs (affected versions not specified). Description: The issue is related to the improper processing of query parameters in HTTP requests, resulting in an Out-of-bounds Read. Crafted HTTP requests may cause the affected...

7.5 CVSS | 6.8 AI score | 0.00685 EPSS
Exploits 0 | References 8

Positive Technologies
added 2024/10/25 12:0 a.m. | 2 views

PT-2024-32620 · Sharp +1 · Sharp Mfps +1

Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs (affected versions not specified). Description: The issue is related to the improper processing of HTTP authentication requests by Sharp and Toshiba Tec MFPs, resulting in an authentication bypass. Recommendations: At...

9.8 CVSS | 7.1 AI score | 0.00599 EPSS
Exploits 0 | References 7

BDU FSTEC
added 2024/10/24 12:0 a.m. | 3 views

A vulnerability in the JavaScript script handlers of the Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the JavaScript script handlers of the Google Chrome and Microsoft Edge browsers is related to type confusion errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information through a specially crafte...

10 CVSS | 7.5 AI score | 0.00773 EPSS
Exploits 1 | References 11 | Affected Software 7

BDU FSTEC
added 2024/10/24 12:0 a.m. | 3 views

The vulnerability of the User Interface component of the Oracle Installed Base system, a component of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the User Interface component of the Oracle Installed Base information storage center in the Oracle E-Business Suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

5.3 CVSS | 7.5 AI score | 0.00484 EPSS
Exploits 0 | References 3 | Affected Software 2

OSV
added 2024/10/23 4:15 p.m. | 1 view

CVE-2024-30124

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this service endpoint maliciously...

4 CVSS | 5.8 AI score | 0.00166 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2024/10/23 12:0 a.m. | 2 views

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing (OPM) application for process development management system of the Oracle E-Business Suite allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Quality Manager Specification component in the Oracle Process Manufacturing OPM application for process development management system of the Oracle E-Business Suite is related to deficiencies in the authorization procedures. Exploiting this vulnerability could allow an...

8.5 CVSS | 7.6 AI score | 0.00422 EPSS
Exploits 0 | References 3 | Affected Software 2

BDU FSTEC
added 2024/10/23 12:0 a.m. | 3 views

A vulnerability in the WebAuthentication component of the Google Chrome and Microsoft Edge browsers allows attackers to escalate their privileges.

The vulnerability in the WebAuthentication component of Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow attackers to escalate their privileges through a specially created HTML page...

7.8 CVSS | 7.7 AI score | 0.00392 EPSS
Exploits 0 | References 9 | Affected Software 5

BDU FSTEC
added 2024/10/23 12:0 a.m. | 1 view

The vulnerability of the PictureInPicture component in Google Chrome and Microsoft Edge browsers allows attackers to perform spoofing attacks.

The vulnerability of the PictureInPicture component in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created HTML page...

5 CVSS | 5.5 AI score | 0.00286 EPSS
Exploits 0 | References 13 | Affected Software 7

BDU FSTEC
added 2024/10/23 12:0 a.m. | 2 views

A vulnerability in the Common Components component of the Oracle Financials financial management platform allows a malicious actor to gain unauthorized access to create, modify, and delete data.

The vulnerability of the Common Components component of the Oracle Financials financial management platform, part of the Oracle E-Business Suite, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

8.5 CVSS | 7.6 AI score | 0.00436 EPSS
Exploits 0 | References 4 | Affected Software 2

BDU FSTEC
added 2024/10/23 12:0 a.m. | 1 view

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to create, modify, and delete data.

The vulnerability of the Authoring component of the Oracle Service Contracts platform, a part of the Oracle E-Business Suite, is related to deficiencies in the authorization mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create...

8.5 CVSS | 7.6 AI score | 0.00435 EPSS
Exploits 0 | References 4 | Affected Software 2

VulnCheck KEV
added 2024/10/21 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2023-20263

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...

6.1 CVSS | 7.3 AI score | 0.0048 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2024/10/21 12:0 a.m. | 4 views

A vulnerability in the Cost Planning component of the Oracle Cost Management system, a cost management solution within the Oracle E-Business Suite, allows attackers to modify, add, or delete data.

The vulnerability of the Cost Planning component of the Oracle Cost Management system, a cost management solution within the Oracle E-Business Suite, is related to deficiencies in the authorization process due to incorrect validation of input data. Exploiting this vulnerability could allow an...

8.5 CVSS | 7.6 AI score | 0.00435 EPSS
Exploits 0 | References 3 | Affected Software 2

BDU FSTEC
added 2024/10/21 12:0 a.m. | 1 view

A vulnerability in the Price List component of the Oracle Advanced Pricing price and discount management tool, part of the Oracle E-Business Suite business automation system, allows unauthorized users to access, modify, add, or delete data.

The vulnerability of the Price List component in the Oracle Advanced Pricing price and discount management tool is related to deficiencies in the authorization process due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to remotely access and modify, add...

8.5 CVSS | 7.6 AI score | 0.00435 EPSS
Exploits 0 | References 3 | Affected Software 2

BDU FSTEC
added 2024/10/21 12:0 a.m. | 2 views

The vulnerability of the Tasks component in the Oracle Common Applications Calendar application of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, and delete data.

The vulnerability of the Tasks component in Oracle Common Applications Calendar, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

8.5 CVSS | 7.6 AI score | 0.00435 EPSS
Exploits 0 | References 3 | Affected Software 2

BDU FSTEC
added 2024/10/21 12:0 a.m. | 3 views

The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite, allows an attacker to access, modify, add, and delete data.

The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite automation system for enterprise activities, is related to authentication errors. Exploiting this vulnerability could allow an attacker to gain...

8.5 CVSS | 7.5 AI score | 0.00435 EPSS
Exploits 0 | References 4 | Affected Software 2