Lucene search
K

7 matches found

NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2025-42904

Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP Lists. Successful exploitation could lead to unauthorized disclosure of data, resulting in a high impact on confidentiality without affecting integrity...

6.5CVSS0.00279EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/04/30 12:0 a.m.7 views

The vulnerability of the Campaign LOV component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Campaign LOV component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...

7.8CVSS7.2AI score0.0061EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/04/26 12:0 a.m.5 views

The vulnerability of the GL Accounts LOV component of the Oracle Trade Management software, a system for automating business operations within the Oracle E-Business Suite. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the GL Accounts LOV component of the Oracle Trade Management software for trading operations management within the Oracle E-Business Suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorize...

7.8CVSS7.2AI score0.00609EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.3 views

PT-2023-9063 · Oracle · Oracle E-Business Suite +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the Campaign LOV component of Oracle Marketing, allowing an unauthenticated attacker with network access via HTTP to...

7.8CVSS7.2AI score0.0061EPSS
Exploits0References9
OSV
OSV
added 2021/04/02 7:15 p.m.6 views

CVE-2021-29661

Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diagvalues.html Stored XSS via the ITEMLISTVALUESITEMID parameter, resulting in JavaScript payload injection into the trace file. This payload will then be triggered every time an authenticated user browses the page containing it...

5.4CVSS6AI score0.006EPSS
Exploits1References1
OSV
OSV
added 2017/08/07 4:53 p.m.6 views

USN-3380-1 freerdp vulnerabilities

It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...

8.8CVSS7.1AI score0.0367EPSS
Exploits7References9
Check Point Advisories
Check Point Advisories
added 2008/05/29 12:0 a.m.12 views

Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051; CVE-2008-1455)

Microsoft PowerPoint is a popular presentation program. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory calculation error in Microsoft PowerPoint when parsing bullet list values in specially crafted PowerPoint files. A remote...

6.8CVSS7.2AI score0.25513EPSS
Exploits0
Rows per page
Query Builder