14 matches found
EUVD-2023-43161
Malicious code in bioql PyPI...
CVE-2025-42987
SAP Manage Processing Rules For Bank Statement allows an attacker with basic privileges to edit shared rules of any user by tampering with the request parameter. Due to a missing authorization check, the attacker can edit rules that should be restricted, compromising the integrity of the application...
CVE-2023-7009
Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less than 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be...
Unspecified Vulnerability in Mozilla Firefox for iOS (CNVD-2025-05232)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox for iOS that originates from an unrecognized QR code link. An attacker could exploit this vulnerability potentially causing integrity to be compromise...
Unspecified vulnerability in Huawei HarmonyOS and EMUI HiView module
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...
Improper Input Validation
dev.sigstore, sigstore-java is vulnerable to Improper Input Validation. The vulnerability is due to insufficient verification in the KeylessVerifier.verify method, which fails to properly validate whether the inclusion proof provided by a bundle corresponds to the correct log, allows an attacker ...
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability (CNVD-2024-28621)
Microsoft Edge is a web browser from the American company Microsoft that ships with Windows 10 and later systems. A security feature bypass vulnerability exists in Microsoft Edge (Chromium-based), which can be exploited by attackers to bypass security features and compromise integrity...
Arbitrary File Deletion Vulnerability in Dream CMS
Dream CMS (lmxcms) is developed using the PHP language and a MySQL database, and adopts the mainstream MVC design model. Dream CMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to compromise integrity...
Oracle Database Server Access Control Error Vulnerability (CNVD-2021-08528)
Oracle Database Server is a relational database management system from Oracle, a United States company. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Unified Audit component of Oracle Database Serve...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-08463)
Oracle E-Business Suite is a fully integrated set of global business management software from Oracle Corporation. The software provides customer relationship management, service management, financial management, etc. Common Applications also known as Oracle Common Application...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-08454)
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Customer...
Oracle E-Business Suite Authorization Issues Vulnerability (CNVD-2021-08449)
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in the Oracle iStore...
Unspecified Vulnerability in Oracle Financial Services Revenue Management and Billing
Oracle Financial Services Revenue Management and Billing (ORMB) provides a superior rules-based system for billing, payment and collections that increases revenue opportunities, reduces costs, improves customer service and provides sales channel support. An unspecified vulnerability exists in the O...
Important: java-1.6.0-openjdk
Issue Overview: Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-65...