11251 matches found
November 2017 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 updates for Windows Server 2012 (KB 4049018)
November 2017 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 updates for Windows Server 2012 KB 4049018 View products that this article applies to. Summary This article lists the Quality Rollup for the .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7...
Simple Banking Security Tip: Verbal Passwords
There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers SSN/DOB that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn't acceptable for institutions that held significant chunks of our...
Unauthorized Access Vulnerability in Goodbody Knowledge Android APP of Tongfang Co.
Good Body Knowledge Android App is a software to detect the health data in your body. There is an override access vulnerability in the Good Body Knowledge Android APP of Tongfang Co. The attacker registers and logs into the system while grabbing packets and modifying the user ID to query any user...
Arbitrary Account Password Reset Vulnerability in Goodbody Knowledge Android APP of Tongfang Co.
Good Body Knowledge Android App is a software to detect the health data in your body. An arbitrary account password reset vulnerability exists in the Good Body Knowledge Android APP of Tongfang Co. An attacker can reset any account password by grabbing a packet to obtain a verification code throu...
Lack of Internal IT Security Expertise Requires Connected Threat Defense
There are many different factors that can impact a company's overall security posture. Increasing sophistication on the part of cyber criminals, combined with more frequent attacks launched using advanced malware, represent some of the most pervasive drivers of IT security. However, one issue...
SQL Injection Vulnerability in Unitech's Business Intelligence Management System
Shenyang Uno Technology Co., Ltd. specializes in small and medium-sized enterprise intellectual property system construction and maintenance, brand marketing planning, brand promotion and marketing and other fields. There is a SQL injection vulnerability in Unitech's Knowledge Management System,...
CVE-2017-10412
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-10410
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2017-10410
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2017-10412
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-10411
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-10411
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
Code injection
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...
Code injection
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
Code injection
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-10412
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2017-10412
CVE-2017-10412 affects Oracle E-Business Suite Knowledge Management (User Interface) in versions 12.1.1–12.2.7. The vulnerability allows unauthenticated network access via HTTP to the Knowledge Management UI, with exploitation requiring user interaction. Consequences include unauthorized access t...
CVE-2017-10410
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2017-10410
CVE-2017-10410 is a vulnerability in Oracle E-Business Suite’s Knowledge Management component (subcomponent: Search). Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. The issue allows an unauthenticated attacker with network access via HTTP to compromise Or...
CVE-2017-10410
Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...