1171 matches found
The vulnerability of the Application Service component of the software for working with Oracle Web Applications Desktop Integrator allows a perpetrator to gain access to modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the Application Service component of the Oracle Web Applications Desktop Integrator software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or gain unauthorized...
CVE-2022-31768
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
Car Rental Management System SQL注入漏洞
Car Rental Management System is a car rental management system. SQL injection vulnerability exists in Car Rental Management System, which can be exploited by attackers to view, add, modify or delete information in the back-end database...
CVE-2022-30190
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...
The vulnerability of the RubyGems.org hosting service, related to authentication errors, allows a perpetrator to gain access to create, modify, or delete data.
The vulnerability of the RubyGems.org hosting service is related to authentication errors during data copying. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to create, modify, or delete data...
CVE-2022-22413
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022...
CVE-2022-20742
A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementatio...
CVE-2022-21492
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Server. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21448
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. The supported version that is affected is 5.9.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21458
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Navigation Pages, Portal, Query. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21458
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Navigation Pages, Portal, Query. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21450
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub product of Oracle PeopleSoft component: My Links. The supported version that is affected is 9.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PRTL...
CVE-2022-21409
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...
CVE-2022-21409
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. The supported version that is affected is Prior to 9.2.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...
Oracle E-Business Suite 输入验证错误漏洞
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management, and other functions. An input validation error vulnerability exists in...
Oracle Solaris 输入验证错误漏洞
Oracle Solaris is a UNIX operating system from Oracle. A security vulnerability in Oracle Systems' Oracle Solaris product could allow an unauthenticated attacker to compromise Oracle Solaris by accessing the network via multiple protocols, which could be exploited by an attacker to potentially...
The vulnerability of the Web Access component of the Primavera Portfolio Management software allows a malicious individual to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to read, modify, or delete data, or to cause a service failure.
The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data, or to cause service failures using...
The vulnerability of the Web Access component of the Primavera Portfolio Management software allows a malicious individual to gain unauthorized access to read, modify, or delete data.
The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
CVE-2022-22410
IBM Watson Query with Cloud Pak for Data as a Service could allow an authenticated user to obtain sensitive information that would allow them to examine or alter system configurations or data sources connected to the service. IBM X-Force ID: 222763...