CVE-2021-2294

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIO...

CVE-2021-2294

CVE-2021-2294 targets Oracle WebLogic Server (Fusion Middleware Core). Affected versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0. The flaw allows unauthenticated network access via T3/IIOP to compromise WebLogic Server, enabling unauthorized updates, insertions or deletions of...

CVE-2021-2240

CVE-2021-2240 affects Oracle Outside In Technology (Outside In Filters) within Oracle Fusion Middleware. Affected: Outside In Filters in Oracle Outside In Technology, version 8.5.5. Vector: network (HTTP) with no authentication. Impact: unauthorized update/insert/delete and read access to Oracle ...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

CVE-2021-2218

The CVE-2021-2218 issue affects Oracle PeopleSoft: Health Center in PeopleSoft Enterprise PT PeopleTools, with vulnerable versions 8.56 and 8.57. The flaw allows an unauthenticated attacker with network access via HTTP to compromise the PT PeopleTools component, potentially enabling unauthorized ...

CVE-2021-2219

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: SQR. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2021-2219

CVE-2021-2219 affects Oracle PeopleSoft Enterprise PeopleTools, SQR component, versions 8.56–8.58. Low-privilege, network-access exploit via HTTP can lead to unauthorized data updates/reads and partial DoS. CVSS v3.1 base score 7.4. Oracle CPU April 2021 includes patches; apply the update to miti...

CVE-2021-0254

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service DoS condition, or leading to remote code execution RCE. Continued receip...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

Design/Logic Flaw

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2021-30932)

Oracle WebLogic Server is a cloud-native, enterprise-grade Java platform application server for multi-tier distributed enterprise application development and deployment. A security vulnerability exists in the Core component of Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0,...

Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30926)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Group Replication Plugin component in Oracle MySQL Server 8.0.23 and earlier. An attacker can exploit this vulnerability to cause a partial denial of service partial DOS of MySQL...

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

Oracle Enterprise Manager for Fusion Middleware 安全漏洞

Oracle Enterprise Manager for Fusion Middleware is Oracle's on-premise management platform for Fusion Middleware. A security vulnerability exists in the FMW Control Plugin component in Oracle Enterprise Manager for Fusion Middleware version 13.4.0.0. An attacker could exploit this vulnerability t...

Oracle WebLogic Server 输入验证错误漏洞

Oracle WebLogic Server is a cloud-native, enterprise-grade Java platform application server for multi-tier distributed enterprise application development and deployment. A security vulnerability exists in the Core component of Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0,...

Oracle MySQL 输入验证错误漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Group Replication Plugin component in Oracle MySQL Server 8.0.23 and earlier. An attacker can exploit this vulnerability to cause a partial denial of service partial DOS of MySQL...

SUSE: Security Advisory (SUSE-SU-2019:1390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ShinyHunters dump partial database of broker firm Upstox

By Waqas The hackers behind the breach is ShinyHunters while their target Upstox is India’s second-largest discount brokerage firm. This is a post from HackRead.com Read the original post: ShinyHunters dump partial database of broker firm Upstox...