4421 matches found
CVE-2019-9066
PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile...
The vulnerability of the WLS component – the deployment server of Oracle WebLogic Server – allows a perpetrator to modify protected data.
The vulnerability of the WLS component – the deployment of Oracle WebLogic Server applications – is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete protected data through HTTP requests...
UBUNTU-CVE-2019-5760
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
httpd: DoS for HTTP/2 connections by continuous SETTINGS frames
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...
The vulnerability of the Performance Monitor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to data.
The vulnerability of the Performance Monitor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain unauthorized access to data using the HTTP protocol...
The vulnerability of the WebCenter Spaces Application component of the Oracle WebCenter Portal web platform, which allows a intruder to gain unauthorized access to data.
The vulnerability of the WebCenter Spaces Application component of the Oracle WebCenter Portal is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data using the HTTP protocol...
The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to data.
The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to data using the HTTP protocol...
The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform allows a perpetrator to gain unauthorized access to data.
The vulnerability of the Java Server Faces component of the Oracle GlassFish Server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to data using the HTTP protocol...
The vulnerability of the Outside In Filters component within the software development kit (SDK) of Outside In Technology allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the HTTP protocol...
The vulnerability of the Outside In Filters component of the software development kit (SDK) from Outside In Technology allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using th...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the HTTP protocol...
The vulnerability of the Integrator component of the Oracle Endeca Information Discovery Integrator software, which allows a malicious individual to gain unauthorized access to protected data.
The vulnerability of the Integrator component of the Oracle Endeca Information Discovery Integrator software for data collection and analysis is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to...
The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system allows a perpetrator to alter the access rights to files.
The vulnerability of the Message Display component of the Oracle Email Center messaging software in the Oracle E-Business Suite system is related to insufficient access control. Exploiting this vulnerability could allow an attacker, operating remotely, to alter the access rights to files using th...
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the HTTP protocol...
The vulnerability of the Outside In Filters component within the software development kit (SDK) of Outside In Technology allows a hacker to trigger a service failure.
The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the HTTP protocol...
Microsoft SharePoint Input Validation Vulnerability
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...
chromium-browser: Use after free in Blink
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Use after free in HTML select elements
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
The vulnerability of the WLS component – the Web Services server of Oracle WebLogic Server – allows a perpetrator to gain access to protected information.
The vulnerability of the WLS component—the Web Services server of Oracle WebLogic Server—is related to insufficient access control. Exploiting this vulnerability could allow an attacker to gain access to protected information using the HTTP protocol...