1848 matches found

seebug.org
added 2014/07/01 12:0 a.m. | 23 views

Oracle E-Business Suite 11i Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37305/info Oracle E-Business Suite is prone to multiple authentication-bypass and HTML-injection vulnerabilities. Attackers could exploit these issues to steal cookie-based authentication credentials, perform unauthorized...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 36 views

Oracle Database SQL Compiler Views Unauthorized Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The...

6.5 CVSS | 0.4 AI score | 0.31494 EPSS
Exploits: 9

seebug.org
added 2014/07/01 12:0 a.m. | 14 views

Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 12 views

Oracle 9 XML DB Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15034/info Oracle XML DB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

7.1 AI score
Exploits: 0

Exploit DB
added 2014/06/27 12:0 a.m. | 54 views

Endeca Latitude 2.2.2 - Cross-Site Request Forgery

Advisory: Endeca Latitude Cross-Site Request Forgery. RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF) vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely...

4.3 CVSS | 6.4 AI score | 0.26699 EPSS
Exploits: 4

Packet Storm
added 2014/06/25 12:0 a.m. | 49 views

Endeca Latitude 2.2.2 Cross Site Request Forgery

Advisory: Endeca Latitude Cross-Site Request Forgery. RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF) vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely...

4.3 CVSS | 0.4 AI score | 0.26699 EPSS
Exploits: 4

Tenable Nessus
added 2014/05/23 12:0 a.m. | 37 views

RHEL 5 : mysql55-mysql (RHSA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...

6.5 CVSS | 6.5 AI score | 0.01268 EPSS
Exploits: 0 | References: 19

Tenable Nessus
added 2014/05/23 12:0 a.m. | 34 views

CentOS 5 : mysql55-mysql (CESA-2014:0536)

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...

6.5 CVSS | 6.5 AI score | 0.01268 EPSS
Exploits: 0 | References: 9

RedHat Linux
added 2014/05/22 5:19 p.m. | 47 views

Moderate: Red Hat Security Advisory: mysql55-mysql security update

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...

6.5 CVSS | 6.6 AI score | 0.01268 EPSS
Exploits: 0 | References: 11

Tenable Nessus
added 2014/05/21 12:0 a.m. | 63 views

Oracle Containers for J2EE Multiple Unspecified HTTP Vulnerabilities (April 2014 CPU)

The remote install of Oracle Containers for J2EE is missing a vendor-supplied update. It is, therefore, affected by multiple, unspecified vulnerabilities related to how HTTP requests are handled...

5 CVSS | 5.5 AI score | 0.00516 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2014/05/20 11:11 a.m. | 44 views

Moderate: Red Hat Security Advisory: mariadb55-mariadb security update

Updated mariadb55-mariadb packages that fix several security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

6.5 CVSS | 6.6 AI score | 0.01268 EPSS
Exploits: 0 | References: 11

Tenable Nessus
added 2014/05/12 12:0 a.m. | 98 views

IBM Domino 8.0.x / 8.5.x / 9.0.x with IBM Java < 1.6 SR15 FP1 Multiple Vulnerabilities (credentialed check)

The remote host has a version of IBM Domino (formerly Lotus Domino) 8.0.x / 8.5.x / 9.0.x that is bundled with an IBM Java version prior to 1.6 SR15 FP1. It is, therefore, affected by the vulnerabilities mentioned in the Oracle Java Critical Patch Update advisories for October 2013 and January 2014...

10 CVSS | 7.3 AI score | 0.17107 EPSS
Exploits: 3 | References: 85

Debian
added 2014/05/03 8:6 a.m. | 37 views

[SECURITY] [DSA 2919-1] mysql-5.5 security update

Debian Security Advisory DSA-2919-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 03, 2014 http://www.debian.org/security/faq...

7.5 CVSS | 7.2 AI score | 0.20688 EPSS
Exploits: 0

OpenVAS
added 2014/05/03 12:0 a.m. | 43 views

Debian Security Advisory DSA 2919-1 (mysql-5.5 - security update)

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.37. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:...

7.5 CVSS | 0.4 AI score | 0.20688 EPSS
Exploits: 0 | References: 1

securityvulns
added 2014/05/02 12:0 a.m. | 66 views

Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities

104 vulnerabilities in quarterly Critical Patch Update...

10 CVSS | 2 AI score | 0.80022 EPSS
Exploits: 18 | Affected Software: 29

Tenable Nessus
added 2014/04/28 12:0 a.m. | 25 views

Oracle Identity Analytics / Sun Role Manager Unspecified Remote Vulnerability (April 2014 CPU)

The remote Oracle Identity Analytics (formerly known as Sun Role Manager) install is affected by an unspecified vulnerability that can be exploited by remote, authenticated attackers...

6.5 CVSS | 5.5 AI score | 0.00375 EPSS
Exploits: 0 | References: 2

ThreatPost
added 2014/04/16 12:32 p.m. | 67 views

April 2014 Oracle Critical Patch Update

Software maker and database management company Oracle yesterday released its quarterly Critical Patch Update. The release resolves more than 100 security vulnerabilities, many of which received high common vulnerability scoring system base scores and should be applied as soon as possible. Product...

5 CVSS | 0.4 AI score | 0.94464 EPSS
Exploits: 86 | References: 5

Oracle
added 2014/04/15 12:0 a.m. | 575 views

Oracle Critical Patch Update - April 2014

A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

10 CVSS | 0.80022 EPSS
Exploits: 25 | Affected Software: 30

Oracle
added 2014/04/15 12:0 a.m. | 8 views

Oracle Critical Patch Update - April 2014

A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

10 CVSS | 8.4 AI score | 0.80022 EPSS
Exploits: 25

seebug.org
added 2014/04/15 12:0 a.m. | 25 views

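Advantech WebAccess odeName2 Parameter Handling Stack Buffer Overflow Vulnerability

CVE ID: CVE-2014-0766 Advantech WebAccess HMI/SCADA is an HMI/SCADA software product. Advantech WebAccess does not properly filter user input when handling the odeName2 parameter, allowing a remote attacker to submit a specially crafted parameter that triggers a stack-based buffer overflow, which can crash the application or execute arbitrary code. 0 Advantech WebAccess 7.1 Advantech WebAccess 7.2 fixes this vulnerability; users are advised to download the update: http://webaccess.advantech.com/...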

7.5 CVSS | 6.5 AI score | 0.0118 EPSS
Exploits: 1