1964 matches found
CVE-2021-37732
Aruba Instant (IAP) exposes a remote arbitrary command execution vulnerability (CVE-2021-37732) in its web-based management UI. Affected are Aruba Instant 6.4.x.x (6.4.4.8-4.2.4.17 and below), 6.5.x.x (6.5.4.18 and below), 8.5.x.x (8.5.0.11 and below), 8.6.x.x (8.6.0.6 and below), and 8.7.x.x (8....
KLA12331 Multiple vulnerabilities in Oracle Java SE
Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security...
PT-2021-23020
Name of the Vulnerable Software and Affected Versions TinyFileManager versions up to and including 2.4.6 Description A Cross-Site Request Forgery CSRF issue exists that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacke...
PYSEC-2021-583
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...
PT-2021-21790 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can read from outside of bounds of heap allocated data by sending...
Security Bulletin: Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.
Summary Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. This issue was disclosed as part of the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14782 DESCRIPTION: An unspecified vulnerability in Jav...
Security Bulletin: Vulnerability in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler.
Summary Vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, Version 8, that is used by IBM Workload Scheduler. These issues were disclosed in the Oracle October 2020 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14792 DESCRIPTION: An unspecified vulnerability in Java S...
Security Bulletin: January 2021 Patch Update for Java
Summary The January 2021 update to Java contains fixes for a number of potential vulnerabilities. Refer to the Details section for additional information. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerability in Java SE could allow an unauthenticated attacker to...
Oracle Business Intelligence Publisher Multiple Vulnerabilities (Jul 2021 CPU)
The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210720, 12.2.1.3.x prior to 12.2.1.3.210405, 12.2.1.4.x prior to 12.2.1.4.210402, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.210331. It is, therefore,...
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Sourcing
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow an...
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform
Summary Multiple Oracle Database server security vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit...
Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2245 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database - Enterprise Edition Unified Audit component could allow...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Sourcing (CVE-2021-2207)
Summary An Oracle database server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an authenticated attack...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2207)
Summary An Oracle database server security vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could...
Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Supplier Lifecycle Mgmt (CVE-2021-2207)
Summary An Oracle database server security vulnerabilities affect IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could allow an...
Oracle Warns of Critical Remotely Exploitable Weblogic Server Flaws
Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is CVE-2019-2729, a critical deserialization vulnerability v...
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...
Solaris 10 (sparc) : 153100-03
SunOS 5.10: Install and Patch Utilities Patch. Date this patch was last updated by Sun : Jul/19/21 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include"compat.inc"; if...
Oracle Solaris Critical Patch Update : jul2021_SRU11_4_34_94_4
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to t...