Lucene search
K

4659 matches found

CNVD
CNVD
added 2019/01/31 12:0 a.m.3 views

Google Chrome Insufficient Policy Enforcement Vulnerability

Chrome is a web browsing tool developed by Google. A policy enforcement insufficiency vulnerability exists in Canvas in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit this vulnerability to leak cross-origin data via a crafted HTML page...

6.5CVSS8.5AI score0.01632EPSS
Exploits0References1
OSV
OSV
added 2019/01/30 10:29 p.m.3 views

DEBIAN-CVE-2018-17189

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...

5.3CVSS7.8AI score0.19404EPSS
Exploits0References1
OSV
OSV
added 2019/01/30 10:29 p.m.2 views

ALPINE-CVE-2018-17189

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...

5.3CVSS6.9AI score0.19404EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/01/30 6:6 p.m.5 views

Mozilla: Use-after-free parsing HTML5 stream

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird 60.5, Firefox ESR 60.5, and...

9.8CVSS7.3AI score0.12658EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...

7.1CVSS7.1AI score0.01466EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.5 views

The vulnerability of the Console component of the Oracle Argus Safety software platform allows a intruder to gain unauthorized access to protected data.

The vulnerability of the Console component of the Oracle Argus Safety software platform is related to security mechanism failures. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

6.8CVSS6.8AI score0.01495EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to data or cause service failures.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to data or cause service failures using the HTTP protocol...

7.1CVSS7.1AI score0.01466EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.16 views

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTT...

6.4CVSS6.7AI score0.01123EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.5 views

The vulnerability of the Feeds component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows attackers to disclose protected information.

The vulnerability of the Feeds component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to security mechanism failures. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information using the HTTP protocol...

5CVSS5.8AI score0.01429EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the “Outside In” component in the software development kit (SDK) of “Outside In Technology” allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the “Outside In” component in the software development kit SDK related to Outside In Technology is associated with inadequate access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

6.5CVSS6.8AI score0.01512EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTT...

6.4CVSS6.7AI score0.01123EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.5 views

The vulnerability of the Xenvironment component in the Oracle Retail Xstore Point of Service software allows a perpetrator to gain full control over the application.

The vulnerability of the Xenvironment component in the Oracle Retail Xstore Point of Service software is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application using the HTTP protocol...

6.8CVSS6.8AI score0.01423EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.4 views

The vulnerability of the Outside In Filters component of the software development kit (SDK) provided by Outside In Technology allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Outside In Filters component within the software development kit SDK of Outside In Technology is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or cause...

7.2CVSS7.2AI score0.01699EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.2 views

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a malicious individual to gain unauthorized access to protected data.

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access using the HTTP protocol...

5CVSS5.9AI score0.0124EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.3 views

The vulnerability of the XML Publisher component in the PeopleSoft Enterprise PeopleTools business application suite allows a malicious individual to gain unauthorized access to protected data.

The vulnerability of the XML Publisher component in the PeopleSoft Enterprise PeopleTools business application suite is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application using the HTTP protocol...

8.3CVSS7.2AI score0.01844EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.4 views

The vulnerability of the Advanced Console controller component of Oracle Identity Manager allows a malicious actor to gain unauthorized access to protected data or cause service failures.

The vulnerability of the Advanced Console controller component of Oracle Identity Manager is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data or cause service failures using the...

7.2CVSS7.2AI score0.01767EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.4 views

The vulnerability of the Advanced UI interface of Oracle WebCenter Sites applications allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the Advanced UI interface of Oracle WebCenter Sites for online user services is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

6.9CVSS7AI score0.04579EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.4 views

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to disclose protected information.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to security mechanism failures. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information using the HTTP protocol...

5.3CVSS6.2AI score0.01547EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.5 views

The vulnerability of the “Outside In” component in the software development kit (SDK) of “Outside In Technology” allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the “Outside In” component in the software development kit SDK related to Outside In Technology is associated with inadequate access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data or cause service failures...

6.5CVSS6.8AI score0.01767EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/30 12:0 a.m.4 views

The vulnerability of the Console component of the Oracle Argus Safety software platform allows a intruder to gain unauthorized access to protected data.

The vulnerability of the Console component of the Oracle Argus Safety software platform is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

6.1CVSS6.7AI score0.01282EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder