1165 matches found
CVE-2017-10030
Vulnerability in the BI Publisher component of Oracle Fusion Middleware subcomponent: Web Server. The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks...
CVE-2017-10021
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Search. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2017-10005
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
BSA-2017-500
Security Advisory ID : BSA-2017-500 Component : Apache HTTPD Revision : 1.0: Final It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decryp...
UBUNTU-CVE-2017-3636
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...
Sony WG-C10 Security Bypass Vulnerability
The Sony WG-C10 is a wireless portable server from Sony Japan. A security vulnerability exists in Sony WG-C10 version 3.0.79 and earlier. An attacker could exploit the vulnerability to bypass access control and obtain or change information stored on an external storage device...
CVE-2017-3631
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful...
CVE-2017-3630
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
The vulnerability of the Oracle MySQL database management system allows a hacker to gain privileged access when modifying data or causing service failures.
The vulnerability of the MySQL Server component of the Oracle MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain privileged access to modify, add, or delete data. This can also cause...
PT-2017-2143 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to improper memory object access. This could allow a remote attacker to execute arbitrary code or cause memory corruption. The vulnerabili...
CVE-2017-3347
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via...
CVE-2017-3355
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via...
CVE-2017-3342
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via...
CVE-2017-3537
Vulnerability in the Oracle Real-Time Scheduler component of Oracle Utilities Applications subcomponent: Mobile Communications Platform. Supported versions that are affected are 2.2.0.3.13, 2.3.0.0 and 2.3.0.1. Easily "exploitable" vulnerability allows unauthenticated attacker with network access...
CVE-2017-3489
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Security Management System. Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily "exploitable" vulnerability allows low...
CVE-2017-3504
Vulnerability in the Automatic Service Request ASR component of Oracle Support Tools subcomponent: ASR Manager. The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Automatic Service Reque...
CVE-2017-3484
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Limits and Collateral. Supported versions that are affected are 12.0.0 and 12.1.0. Easily "exploitable" vulnerability allows low privileged attacker...
CVE-2016-6818
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service data deletion, or launch administrative operations or possibly OS commands via a crafted SQL query. The vendor...
Vulnerability of the Java Platform software platform, allowing attackers to modify data
The vulnerability of the Java Platform’s networking components is related to security configuration errors. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to modify, add, or delete data using network packets...
CVE-2017-3300
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Multichannel Framework. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...