Lucene search
K

1171 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.5 views

The vulnerability of the Application Service component of the software for working with Oracle Web Applications Desktop Integrator allows a perpetrator to gain access to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Application Service component of the Oracle Web Applications Desktop Integrator software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized...

8.5CVSS7.6AI score0.00987EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/05 12:0 a.m.4 views

CVE-2022-31768

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...

9.8CVSS5.7AI score0.01294EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.3 views

Car Rental Management System SQL注入漏洞

Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...

7.2CVSS5.9AI score0.04919EPSS
Exploits1References2
OSV
OSV
added 2022/06/01 8:15 p.m.3 views

CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...

7.8CVSS7.5AI score0.99374EPSS
Exploits62References4
BDU FSTEC
BDU FSTEC
added 2022/05/18 12:0 a.m.8 views

The vulnerability of the RubyGems.org hosting service, related to authentication errors, allows a perpetrator to gain access to create, modify, or delete data.

The vulnerability of the RubyGems.org hosting service is related to authentication errors during data copying. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to create, modify, or delete data...

10CVSS7.4AI score0.01845EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/05/11 12:0 a.m.7 views

CVE-2022-22413

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022...

9.8CVSS6.2AI score0.01188EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/27 4:0 p.m.4 views

CVE-2022-20742

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementatio...

7.4CVSS7.2AI score0.00425EPSS
Exploits0References2
OSV
OSV
added 2022/04/19 9:15 p.m.4 views

CVE-2022-21492

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS6.7AI score0.00841EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.4 views

CVE-2022-21448

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS6.7AI score0.00792EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/19 9:15 p.m.1 views

CVE-2022-21458

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Navigation Pages, Portal, Query. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS5.8AI score0.00749EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.4 views

CVE-2022-21458

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Navigation Pages, Portal, Query. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

6.1CVSS6.9AI score0.00749EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/19 9:15 p.m.7 views

CVE-2022-21450

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub product of Oracle PeopleSoft component: My Links. The supported version that is affected is 9.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PRTL...

5.4CVSS7.3AI score0.00456EPSS
Exploits0References1
OSV
OSV
added 2022/04/19 9:15 p.m.4 views

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

6.1CVSS7.3AI score0.0078EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.4 views

CVE-2022-21409

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

6.1CVSS6.9AI score0.0078EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.6 views

Oracle E-Business Suite 输入验证错误漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management, and other functions. An input validation error vulnerability exists in...

5.4CVSS6.6AI score0.00483EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.7 views

Oracle Solaris 输入验证错误漏洞

Oracle Solaris is a UNIX operating system from Oracle. A security vulnerability in Oracle Systems' Oracle Solaris product could allow an unauthenticated attacker to compromise Oracle Solaris by accessing the network via multiple protocols, which could be exploited by an attacker to potentially...

8.2CVSS5.8AI score0.01454EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.6 views

The vulnerability of the Web Access component of the Primavera Portfolio Management software allows a malicious individual to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

5.4CVSS6.6AI score0.00524EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.7 views

The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to read, modify, or delete data, or to cause a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data, or to cause service failures using...

6.5CVSS6.8AI score0.01222EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.6 views

The vulnerability of the Web Access component of the Primavera Portfolio Management software allows a malicious individual to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

5.8CVSS6.6AI score0.00825EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/04/06 4:15 p.m.3 views

CVE-2022-22410

IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service. IBM X-Force ID: 222763...

7.2CVSS5.8AI score0.007EPSS
Exploits0References2
Rows per page
Query Builder