CVE-2020-2635

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: System Monitoring. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

Design/Logic Flaw

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

Design/Logic Flaw

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP ...

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

Design/Logic Flaw

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager component: Enterprise Config Management. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access...

CVE-2020-2731

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to...

CVE-2020-2731

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to...

CVE-2020-2614

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: APM Mesh. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2020-2569

CVE-2020-2569 concerns the Oracle Database Server, specifically the Oracle Applications DBA component. Affected are Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The vulnerability is described as easily exploitable by a low-privileged attacker who already has Local L...

PT-2020-1330 · Oracle · Oracle Flexcube Investor Servicing

Name of the Vulnerable Software and Affected Versions: Oracle FLEXCUBE Investor Servicing versions 12.1.0 through 12.4.0 Oracle FLEXCUBE Investor Servicing versions 14.0.0 through 14.1.0 Description: The issue is related to inadequate access controls in the Infrastructure component of Oracle...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

CVE-2019-19959

CVE-2019-19959 affects SQLite 3.30.1. The issue occurs in ext/misc/zipfile.c when using INSERT INTO with embedded '\0' characters in filenames, causing a memory-management error (detectable by tools like valgrind). The Astra Linux security bulletin confirms the same SQLite 3.30.1 ZIP/file handlin...

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

Shopping Portal ProVersion 3.0 - Authentication Bypass

Shopping Portal ProVersion 3.0 - Authentication Bypass Exploit Title: Shopping Portal ProVersion 3.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: v4.0...

CVE-2019-19714

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered...

CVE-2019-19714

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered...