318 matches found
The vulnerability of the SAP NetWeaver software integration platform allows attackers to obtain confidential information, enhance their privileges, or carry out other malicious actions.
The vulnerability of the XML Data Archiving Service component of the SAP NetWeaver software integration platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to obtain confidential information, enhance their privileges, or cause other adverse...
CVE-2016-1593
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. dot dot in a filename within a multipart/form-data POST request to a LiveTime.woa URL...
CVE-2016-3980
The Java Startup Framework aka jstart in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service process crash via a crafted HTTP request, aka SAP Security Note 2259547...
The vulnerability of the WildFly application server and the JBoss Enterprise Application Platform, which allows a hacker to induce a service failure.
The vulnerability of the Java server consoles of WildFly and the JBoss Enterprise Application Platform lies in buffer overflows. Exploiting this vulnerability allows a malicious actor to cause a service failure by creating a request with an excessively long header...
MGASA-2015-0436 Updated krb5 packages fix security vulnerabilities
Updated krb5 packages fix security vulnerabilities: In MIT krb5 1.5 and later, applications which call gssinquirecontext on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. This bug may go unnotice...
Updated krb5 packages fix security vulnerabilities
Updated krb5 packages fix security vulnerabilities: In MIT krb5 1.5 and later, applications which call gssinquirecontext on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. This bug may go unnotice...
Infinite Automation Mango Automation File Upload Vulnerability
Infinite Automation Mango Automation is the United States Infinite Automation Systems, Inc. of a set of open source Web-based SCADA data acquisition and supervisory control, HMI and automation software. Infinite Automation Mango Automation 2.5.x and 2.6.x prior to 2.6.0, version 2.6.x, build 430,...
jakarta security update
CentOS Errata and Security Advisory CESA-2015:1695 Updated jakarta-taglibs-standard packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring Syste...
Red Hat JBoss Portal PortletBridge PortletRequestDispatcher Code Injection Vulnerability
Red Hat JBoss Portal is the United States Red Hat Red Hat a set of open source and standards-compliant portal platform , it can build , layout of a portal Web interface for publishing , managing content and customizing the user experience . PortletBridge is a JSR-301 and JSR 329 draft...
CVE-2015-4744
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...
Buffer overflow
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...
CVE-2015-2623
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...
Buffer overflow
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...
CVE-2015-2623
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related ...
CVE-2015-4744
Technical details about CVE-2015-4744 are not provided in the supplied documents; no explicit affected products/versions or impact are disclosed. Monitor for updates.
CVE-2015-4744
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors...
CVE-2015-2623
The CVE-2015-2623 entry affects Oracle Fusion Middleware components: Oracle GlassFish Server (3.0.1, 3.1.2) and Oracle WebLogic Server (Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, 12.1.3.0). The underlying issue is related to JavaServer Faces, with remote attackers able to impact integrity vi...
CVE-2015-2623
Removed by vendor...
Oracle GlassFish Server Multiple Vulnerabilities (July 2015 CPU)
The version of Oracle GlassFish Server running on the remote host is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the bundled Network Security Services NSS library because the definitelengthdecoder function, in file quickder.c, does not properly form the DER...
SAP ABAP & Java Server Denial of Service Vulnerability
SAP ABAP & Java Server is a German SAP SAP company running in NetWeaver for SAP applications to provide a development and runtime environment for the application platform and based on the ABAP high-level programming language and Java programming language application server. A security vulnerabili...