Oracle Database Server CVE-2020-2510 Remote Security Vulnerability

Description Oracle Database Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'OracleNet' protocol. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c...

Oracle PeopleSoft Enterprise HCM Human Resources CVE-2020-2561 Remote Security Vulnerability

Description Oracle PeopleSoft Enterprise HCM Human Resources is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Company Dir / Org Chart Viewer' component is affected. These vulnerabilities affect the following supported versions: 9.2...

Unbound IPSEC Module CVE-2019-18934 Arbitrary Shell Command Injection Vulnerability

Description Unbound IPSEC Module is prone to a command-injection vulnerability. An attacker can exploit this issue to execute arbitrary shell commands on the affected system. Unbound versions 1.6.4 through 1.9.4 are vulnerable. Technologies Affected Unbound Unbound 1.6.10 Unbound Unbound 1.6.4...

Oracle E-Business Suite CVE-2019-2930 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in Oracle Field Service. The vulnerability can be exploited over the 'HTTP' protocol. The 'Wireless' component is affected. This vulnerability affects the following supported versions: 12.1.1 through 12.1.3 and 12.2.3...

Oracle Hyperion Financial Reporting CVE-2019-2959 Remote Security Vulnerability

Description Oracle Hyperion Financial Reporting is prone to a remote security vulnerability in Security Models. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 11.1.2.4 Technologies Affected Oracle Hyperion Financial...

Oracle Web Services CVE-2019-2907 Remote Security Vulnerability

Description Oracle Web Services is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'SOAP with Attachments API for Java' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected...

SAP Landscape Management CVE-2019-0380 Information Disclosure Vulnerability

Description SAP Landscape Management is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP Landscape Management 3.0 is vulnerable; other versions may also be affected...

PHP 'new COM()' Denial of Service Vulnerability

Description PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to crash the affected application resulting in denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.2 PHP PHP...

SMA Solar Technology AG Sunny WebBox CVE-2019-13529 Cross Site Request Forgery Vulnerability

Description SMA Solar Technology AG Sunny WebBox is prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Sunny WebBox versions 1.6 and prior are...

ZmartZone 'mod_auth_openidc' Module Open Redirection Vulnerability

Description ZmartZone modauthopenidc Module is prone to an open-redirection vulnerability. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this...

FasterXML Jackson-databind CVE-2019-14379 Remote Code Execution Vulnerability

Description FasterXML Jackson-databind is prone to a remote-code execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Versions prior to...

Pulse Connect Secure and Policy Secure CVE-2019-11509 Access Bypass Vulnerability

Description Pulse Connect Secure and Policy Secure are prone to an access-bypass vulnerability. An attacker can exploit this execute arbitrary code and perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: Pulse Connect Secure 9.0RX, 8.3RX...

Microsoft Edge CVE-2017-11872 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Recommendations Block external acces...

Microsoft Edge Content Security Policy CVE-2017-8723 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Recommendations Block external acces...

Microsoft Internet Explorer CVE-2015-6051 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10 and 11 are vulnerable. Technologies Affected Microsoft Internet...

Microsoft Internet Explorer CVE-2014-4123 Remote Privilege Escalation Vulnerability

Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Avaya Aura...

Cisco Video Communications Server CVE-2011-2538 Unspecified Remote Command Execution Vulnerability

Description Cisco Video Communications Server is prone to an unspecified remote command-execution vulnerability because it fails to sufficiently validate user-input supplied. An attacker may exploit this issue to execute arbitrary commands within the context of the affected application,this may a...

Microsoft Windows Client Service For Netware Buffer Overflow Vulnerability

Description Microsoft Client Service for Netware is prone to a buffer overflow vulnerability that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. This issue could also be...

Mambo Open Source Multiple Input Validation Vulnerabilities

Description Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may leverage these issues to execute arbitrary server-side script code on an...