Rockwell Automation FactoryTalk AssetCentre 安全漏洞

Rockwell Automation FactoryTalk AssetCentre is an asset management software tool from Rockwell Automation that allows manufacturers and industrial companies to centrally manage controllers and other automation-related assets. An unspecified vulnerability exists in Rockwell Automation FactoryTalk...

CVE-2021-26714

The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal...

ClusterLabs Hawk 安全漏洞

ClusterLabs Hawk is a ClusterLabs open source application. It is used to manage and monitor Pacemaker HA clusters. ClusterLabs Hawk has a security vulnerability that allows an attacker to bypass access restrictions to read or modify data using chmod...

IBM DB2 安全漏洞

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM DB2, which can be exploited by an attacker to bypass access...

USN-4753-1: Linux kernel (OEM) vulnerability

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...

Sql injection

PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database...

Ubuntu 18.04 LTS : Linux kernel vulnerability (USN-4713-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4713-2 advisory. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker wi...

The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to read, modify, add, or delete data using the...

The vulnerability of the Worklist component of the Oracle Workflow system allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Worklist component of the Oracle Workflow system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information, or to modify, add, or delete data using the HTTP...

The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts allows a malicious individual to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Miscellaneous component of the Oracle Scripting environment for creating and processing scripts is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or...

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain read, modify, add, or delete access to data, or to cause a service failure.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, add, or delete access to data, or cause a service failure using the HTTP...

CVE-2021-25910

Improper Authentication vulnerability in the cookie parameter of ZIV AUTOMATION 4CCT-EA6-334126BF allows a local attacker to perform modifications in several parameters of the affected device as an authenticated user...

CVE-2020-35547

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access view and modify to user data...

Ubuntu: Security Advisory (USN-4713-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-1135

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...

CVE-2021-1270

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this...

CVE-2021-1133

Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, see the Details section of this advisory...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

CVE-2021-2003

Vulnerability in the Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Web Dashboards. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with...

Vulnerability fixed in Red Hat kernel

A vulnerability has been fixed in the Red Hat kernel. The vulnerability allows a local malicious agent to cause a denial-of-service and to modify data. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...