CVE-2022-21424

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Connection Manager. The supported version that is affected is 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with network access via TCP to...

Oracle Java SE 输入验证错误漏洞

Oracle Java SE is an Oracle Corporation USA Java application for developing and deploying Java applications on desktops and servers, as well as embedded devices and real-time environments. An input validation error vulnerability exists in Oracle Java SE that could allow an unauthenticated attacke...

PT-2022-3108 · Oracle · Oracle Banking Payments

Name of the Vulnerable Software and Affected Versions: Oracle Banking Payments versions 14.5 Description: The issue is related to incorrect permission assignment for a critical resource in the Infrastructure component of Oracle Banking Payments. This can be exploited by a remote attacker to creat...

Oracle MySQL 缓冲区错误漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components, and MySQL Connectors is one of the drivers that connects to applications that use MySQL. The vulnerability allows a highly privileged attacker to...

PT-2022-6857

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description The issue is related to an unauthenticated attacker with network access via multiple protocols being able...

PT-2022-14966 · Oracle +1 · Mysql Cluster +1

Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 7.4.35 and prior MySQL Cluster versions 7.5.25 and prior MySQL Cluster versions 7.6.21 and prior MySQL Cluster versions 8.0.28 and prior Description: The issue allows a high-privileged attacker with access to the physic...

PT-2022-6858 · Oracle +10 · Java Se +12

Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description: The issue is related to an unauthenticated attacker with network access via multiple protocols being ab...

Amazon AWS VPN Client 安全漏洞

Amazon AWS VPN Client is a fully managed remote access VPN solution from Amazon.com, Inc. A security vulnerability exists in Amazon AWS VPN Client for Windows version 2.0.0, which stems from the disclosure of a user's Net-NTLMv2 hash when importing VPN configuration files. information, an attacke...

PT-2022-16903 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to the latest stable, beta and tests-passed versions Description: The issue affects Discourse, an open source platform for community discussion. An attacker can poison the cache for anonymous users, causing them to se...

The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to cause partial service disruption.

The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a partial service outage using network packets...

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to cause partial service disruption.

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause partial service interruptions...

The vulnerability of the Log component in the Oracle Enterprise Session Border Controller allows a perpetrator to cause a partial service disruption.

The vulnerability of the Log component in the Oracle Enterprise Session Border Controller is related to resource release errors. Exploiting this vulnerability could allow a malicious actor to cause a partial service outage using the HTTP protocol...

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to cause partial service disruption.

The vulnerability of the Libraries component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause partial service interruptions...

The vulnerability of the Libraries component of the Oracle Java SE software platform, the Oracle GraalVM Enterprise Edition virtual machine, and the Oracle Solaris operating system allows a perpetrator to cause partial service interruptions.

The vulnerability of the Libraries component of the Oracle Java SE software platform, the Oracle GraalVM Enterprise Edition virtual machine, and the Oracle Solaris operating system is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a partial servic...

The vulnerability of the ImageIO component in the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to cause a partial service failure.

The vulnerability of the ImageIO component in the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a partial service failure remotely...

CVE-2022-26671

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service...

CVE-2022-25594

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

CVE-2022-25594

Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...

Schneider Electric CmpUserMgr 安全漏洞

Schneider Electric CmpUserMgr is a library from Schneider Electric France. It provides access to user management. A security vulnerability exists in the Schneider Electric CmpUserMgr component that stems from an error in the CmpUserMgr component that could result in a security policy being only...

CVE-2022-22518

A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy...