9 matches found
Arbitrary Code Execution
Overview MongoDB.Driver is an Official .NET driver for MongoDB. Affected versions of this package are vulnerable to Arbitrary Code Execution via ObjectSerializer when deserializing a compromised object. Exploiting this vulnerability allows a privileged user to cause arbitrary code execution, whic...
CVE-2022-48282
Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...
Design/Logic Flaw
Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...
CVE-2022-48282 Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution
Under very specific circumstances see Required configuration section below, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and...
PT-2023-15661 · Mongodb · Mongodb .Net/C# Driver
Name of the Vulnerable Software and Affected Versions: MongoDB .NET/C Driver versions prior to and including v2.18.0 Description: Under very specific circumstances, a privileged user is able to cause arbitrary code to be executed, which may cause further disruption to services. This issue is...
PT-2020-1330 · Oracle · Oracle Flexcube Investor Servicing
Name of the Vulnerable Software and Affected Versions: Oracle FLEXCUBE Investor Servicing versions 12.1.0 through 12.4.0 Oracle FLEXCUBE Investor Servicing versions 14.0.0 through 14.1.0 Description: The issue is related to inadequate access controls in the Infrastructure component of Oracle...
Design/Logic Flaw
Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2018-3131
Vulnerability in the Oracle Hospitality Gift and Loyalty component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle...
Updated mariadb packages fix security vulnerabilities
Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Server component of MariaDB subcomponent: MyISAM. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this...