21 matches found
openjdk: Enhance Zip file reading (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK:...
Security Bulletin: Communications Server (CS) for Data Center Deployment and CS for AIX are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025 - Includes Oracle April 2024 CPU plus CVE-2025-4447
Summary Communications Server CS for Data Center Deployment and CS for AIX install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database used by the TN3270 Server and...
Security Bulletin: IBM WebSphere Business Services Fabric – Information regarding a security vulnerability in IBM SDK for Java that shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)
Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in IBM WebSphere Business Services Fabric. Content VULNERABILITY DETAILS: DESCRIPTION: This Security Bulletin addresses the security vulnerabilities that...
Security Bulletin: IBM WebSphere Lombardi Edition – Information regarding security vulnerability in IBM SDK for Java that shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)
Abstract Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in IBM WebSphere Lombardi Edition. Content VULNERABILITY DETAILS: DESCRIPTION: This Security Bulletin addresses the security vulnerabilities that have...
Oracle PeopleSoft - Server-Side Request Forgery Vulnerability
Exploit for java platform in category web applications Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017...
Oracle PeopleSoft HCM 9.2 XXE Injection
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Nadya Krivdyuk ERPScan Description 1...
Oracle E-Business Suite 12.2.3 - IESFOOTPRINT SQL Injection Vulnerability
Exploit for jsp platform in category web applications Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017...
Oracle PeopleSoft - PeopleSoftServiceListeningConnector XML External Entity via DOCTYPE
Oracle PeopleSoft - PeopleSoftServiceListeningConnector XML External Entity via DOCTYPE Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory:...
Oracle PeopleSoft ToolsRelease / ToolsReleaseDB / HCM SSRF Vulnerabilities
Oracle PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a server-side request forgery vulnerability. Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com...
Oracle PeopleSoft HCM 9.2 XXE Injection Vulnerability
Exploit for windows platform in category remote exploits Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April...
Oracle PeopleSoft HCM 9.2 XXE Injection
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Nadya Krivdyuk ERPScan Description 1...
Oracle E-Business Suite 12.2.3 SQL Injection
Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Dmitry Chastuhin ERPScan Description 1. ADVISORY...
DoS in Oracle E-Business Suite ANONYMOUSLOGIN
Application: Oracle E-Business Suite Versions Affected: Oracle E-Business Suite 12.2.3 Vendor: Oracle Bugs: DoS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Alexey Tyurin ERPScan, Ivan Chalykin ERPScan VULNERABILITY...
XXE VIA DOCTYPE in PeopleSoft
Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor: Oracle Bugs: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Nadya Krivdyuk ERPScan VULNERABILITY INFORMATION Class:...
SSRF in PeopleSoft IMServlet
Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor: Oracle Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Roman Shalymov ERPScan...
XSS - Oracle E-Business Suite JTFFMPRINTSERVER
Application: Oracle E-Business Suite Versions Affected: Oracle E-Business Suite 12.2.3 Vendor: Oracle Bugs: XSS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Authors: Ivan Chalykin ERPScan VULNERABILITY INFORMATION Class: XSS...
OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability v...
Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes
No description provided by source. Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Name Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Systems Affected APEX 3.0 optional component of 11.1.0.7 installation...
Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes
Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Name Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Systems Affected APEX 3.0 optional...
Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes
Exploit for multiple platform in category local exploits ================================================================== Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes ================================================================== Unprivileged DB users can see APEX...