476 matches found
Design/Logic Flaw
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
Design/Logic Flaw
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...
CVE-2022-21575
CVE-2022-21575 affects Oracle WebCenter Sites Support Tools (UI) in Oracle Fusion Middleware, with versions prior to 4.4.2 vulnerable to network-accessible exploitation. Attackers with network access via HTTP and high privileges can potentially access or modify data and cause a partial denial of ...
CVE-2022-21538
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-21516
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Enterprise Manager Install. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
CVE-2022-21428
The CVE-2022-21428 entry affects Oracle FLEXCUBE Universal Banking (Infrastructure) and is observed in Oracle Financial Services Applications across versions 12.1–12.4, 14.0–14.3, and 14.5. Described as an input-validation/logic flaw, it allows a low-privilege attacker with network access over HT...
BSA-2022-1731
Security Advisory ID : BSA-2022-1731 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle Graal...
OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...
OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
IBM Java 7.0 < 7.0.10.40 / 7.1 < 7.1.4.40 / 8.0 < 8.0.5.30 Multiple Vulnerabilities
The version of IBM Java installed on the remote host is prior to 7.0 7.0.10.40 / 7.1 7.1.4.40 / 8.0 8.0.5.30. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle January 15 2019 CPU advisory. - An issue was discovered in libjpeg 9a and 9d. The allocsarray function i...
IBM Java 7.0 < 7.0.10.50 / 7.1 < 7.1.4.50 / 8.0 < 8.0.5.40 Multiple Vulnerabilities
The version of IBM Java installed on the remote host is prior to 7.0 7.0.10.50 / 7.1 7.1.4.50 / 8.0 8.0.5.40. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle July 16 2019 CPU advisory. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2022-1571)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle MySQL Buffer Overflow Vulnerability (CNVD-2022-31923)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components. MySQL Connectors is one of the drivers for connecting to applications that use MySQL. Oracle MySQL is vulnerable to a buffer overflow vulnerability...
Design/Logic Flaw
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2022-21475
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking...
CVE-2022-21474
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bankin...
CVE-2022-21473
Vulnerability in the Oracle Banking Treasury Management product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2022-21472
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2022-21472
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...
Oracle Taleo Denial of Service Vulnerability
Oracle Taleo is a powerful standalone talent acquisition suite from Oracle Corporation USA. for sourcing and hiring the best candidates. A denial of service vulnerability exists in Oracle Talent Acquisition Cloud - Taleo Enterprise Edition, which originates from failure to properly handle incomin...