7 matches found
CVE-2025-42904
Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without affecting integrity...
The vulnerability of the Campaign LOV component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Campaign LOV component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...
The vulnerability of the GL Accounts LOV component of the Oracle Trade Management software, a system for automating business operations within the Oracle E-Business Suite. This vulnerability allows an attacker to gain unauthorized access to protected information.
The vulnerability of the GL Accounts LOV component of the Oracle Trade Management software for trading operations management within the Oracle E-Business Suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorize...
PT-2023-9063 · Oracle · Oracle E-Business Suite +1
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the Campaign LOV component of Oracle Marketing, allowing an unauthenticated attacker with network access via HTTP to...
CVE-2021-29661
Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diagvalues.html Stored XSS via the ITEMLISTVALUESITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the page containing it...
USN-3380-1 freerdp vulnerabilities
It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...
Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051; CVE-2008-1455)
Microsoft PowerPoint is a popular presentation program. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory calculation error in Microsoft PowerPoint when parsing bullet list values in specially crafted PowerPoint files. A remote...