CVE-2019-2777

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 19.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core - Server...

CVE-2019-2764

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2019-2759

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

Influxdb Authentication Bypass Vulnerability

InfluxDB is an open source temporal database developed by InfluxData. Influxdb suffers from an authentication bypass vulnerability that can be exploited by an attacker to gain control of the database and arbitrarily perform add, delete, or change operations...

Improper Access Control

Oracle MySQL is vulnerable to denial of serviceDoS attacks. A remote user could exploit a flaw in the Server: Memcached component to partially modify data and cause denial of service conditions which leads to cause frequently repeatable crash on the target system...

CVE-2019-2707

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management component of Oracle PeopleSoft Products subcomponent: Application Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2019-2629

Vulnerability in the Oracle Health Sciences Data Management Workbench component of Oracle Health Sciences Applications subcomponent: User Interface. The supported version that is affected is 2.4.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2557

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2018-3314

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications subcomponent: Customer. The supported version that is affected is 11.4. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS Relate CRM Software...

CVE-2018-3312

Vulnerability in the Oracle Retail Customer Engagement component of Oracle Retail Applications subcomponent: Segment. Supported versions that are affected are 16.0 and 17.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail...

Joomla JCalPro Calendar 4.3.26 SQL Injection

Exploit Title : Joomla JCalPro Calendar Components 4.3.26 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 31/01/2019 Vendor Homepage : joomlashack.com anything-digital.com Software Download Link : joomlashack.com/joomla-extensions/jcal/ Software...

The vulnerability of the Learner Administration component in Oracle iLearning’s corporate learning management system allows a hacker to gain access to modify, add, or delete data.

The vulnerability of the Learner Administration component in Oracle iLearning’s enterprise learning management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to remotely gain access to modify, add, or delete data using the HTTP...

The vulnerability of the Oracle Applications Framework component of the Oracle E-Business Suite, a system for automating business activities, allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle Applications Framework component of the Oracle E-Business Suite system for automating business operations is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or dele...

The vulnerability of the User Interface sub-component of the Oracle Trade Management component in the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the User Interface component of the Oracle Trade Management component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to modify, add, or delete data...

Vulnerability of the sub-component’s overview page/report rendering in the Oracle E-Business Intelligence component of the Oracle E-Business Suite. This component is used for automating business processes within enterprises. It allows attackers to gain access to modify, add, or delete data.

The vulnerability of the sub-component’s overview page/report rendering in Oracle E-Business Intelligence, a system for automating business processes within the Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating...

CVE-2019-2499

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Search Functionality. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2019-2442

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Fluid Core. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-3304

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker...

CVE-2018-3305

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker...

Prototype Override Protection Bypass

qs is vulnerable to prototype override protection bypass. It is possible for an attacker to bypass the protection and overwrite prototype properties and functions by prefixing the name of the parameter with or . Overwriting these properties on the object prototype can impact application logic,...