43 matches found
GHSA-3JMQ-QHG3-F58J mcpo-simple-server has a Path Traversal issue
A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...
EUVD-2016-0478
Malware in sbrugna...
EUVD-2015-4902
Malware in sbrugna...
EUVD-2013-0363
Malware in sbrugna...
CVE-2021-2053
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ba...
CVE-2013-5766
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via...
CVE-2024-21067
Oracle Enterprise Manager Base Platform (Host Management) is affected for version 13.5.0.0. The issue stems from insufficient input validation in the Host Management component, enabling a low-privileged attacker with logon access to compromise and potentially take over the Oracle Enterprise Manag...
CVE-2024-20916
CVE-2024-20916 affects Oracle Enterprise Manager Base Platform, specifically the Event Management component in version 13.5.0.0. The root cause is insufficient input validation, enabling a highly privileged attacker with access to the physical/adjacent network segment to compromise the Base Platf...
Malicious code in theme_manager_base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1bc6db51bd02965797db039443df8af4306318f1bc3800f90f23f2a93e5e9efd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Oracle Enterprise Manager Cloud Control (Jul 2022 CPU)
The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component:...
Code injection
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterpris...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has fixed vulnerabilities in the following products: Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute attacks that result in the following...
PT-2022-2132 · Oracle · Enterprise Manager Base Platform
Name of the Vulnerable Software and Affected Versions: Enterprise Manager Base Platform versions 13.4.0.0 through 13.5.0.0 Description: The issue is related to insufficient input validation in the Policy Framework component. It allows a low-privileged attacker with network access via HTTP to...
CVE-2021-2137
CVE-2021-2137 affects Oracle Enterprise Manager Base Platform (Policy Framework) and is reported to impact versions 13.4.0.0 and 13.5.0.0. The vulnerability enables a low-privileged, network-accessing attacker over HTTP to compromise the Base Platform and potentially take over the system. Multipl...
Oracle JDeveloper XXE (July 2021 CPU)
The version of Oracle JDeveloper installed on the remote host is prior to 12.2.1.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory: - Vulnerability in the Essbase product of Oracle Essbase component: Infrastructure Apache Commons Compress. The...
Oracle Enterprise Manager Cloud Control (Jul 2021 CPU)
The 13.4.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the StorageTek Tape Analytics SW Tool product of Oracle Systems component: Software dom4j. The supported...
The vulnerability of the UI Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to read data or modify data.
The vulnerability of the UI Framework component of the Enterprise Manager Base Platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read data or to modify, add, or delete data through HTTP requests...
CVE-2021-2053
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ba...
Unspecified Vulnerability in Oracle Enterprise Manager Manager Base Platform
Oracle Enterprise Manager is a set of local management platform of the United States Oracle Oracle. The platform is primarily used to manage Oracle product deployments. A security vulnerability exists in Oracle Enterprise Manager Manager Base Platform. An attacker could exploit the vulnerability ...
Oracle Enterprise Manager Cloud Control (Apr 2020 CPU)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2020 CPU advisory. - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that...