Lucene search
+L

121 matches found

cve
cve
added 2022/07/19 9:7 p.m.71 views

CVE-2022-21536

CVE-2022-21536 affects Oracle Enterprise Manager Base Platform (Policy Framework) in versions 13.4.0.0 and 13.5.0.0. The vulnerability allows an unauthenticated attacker over HTTP to compromise the Base Platform, potentially taking control of the system and impacting confidentiality, integrity, a...

8.1CVSS7.8AI score0.00861EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/07/19 9:7 p.m.16 views

CVE-2022-21536

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

8.1CVSS6.9AI score0.00861EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/07/19 12:0 a.m.5 views

Oracle Enterprise Manager Base Platform 输入验证错误漏洞

Oracle Enterprise Manager Base Platform is a set of local management platform of Oracle Oracle. The platform is primarily used to manage Oracle product deployments. An input validation error vulnerability exists in Oracle Enterprise Manager Base Platform component: Policy Framework version...

8.1CVSS6AI score0.00861EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2022/04/08 12:0 a.m.12 views

The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain read, modify, add, or delete access to data.

The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain access to read, modify, add, or delete data...

8.8CVSS7.7AI score0.00557EPSS
Exploits0References4Affected Software1
osv
osv
added 2022/01/19 6:15 p.m.1 views

DEBIAN-CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS8.6AI score0.09643EPSS
Exploits1References1
osv
osv
added 2022/01/19 6:15 p.m.2 views

DEBIAN-CVE-2021-33913

libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...

9.8CVSS8.6AI score0.09643EPSS
Exploits1References1
osv
osv
added 2022/01/19 6:15 p.m.4 views

ALPINE-CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS8.3AI score0.09643EPSS
Exploits1References1
osv
osv
added 2022/01/19 6:15 p.m.3 views

UBUNTU-CVE-2021-33912

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...

9.8CVSS7.7AI score0.09643EPSS
Exploits1References5
attackerkb
attackerkb
added 2022/01/19 12:15 p.m.5 views

CVE-2022-21392

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS7.3AI score0.00557EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2022/01/19 12:15 p.m.17 views

CVE-2022-21392

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS0.00557EPSS
Exploits0References1
osv
osv
added 2022/01/19 12:15 p.m.3 views

CVE-2022-21392

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS7.3AI score0.00557EPSS
Exploits0References1
cve
cve
added 2022/01/19 11:26 a.m.109 views

CVE-2022-21392

CVE-2022-21392 affects Oracle Enterprise Manager Base Platform (Policy Framework) versions 13.4.0.0 and 13.5.0.0. The vulnerability allows a low-privilege attacker, with network access via HTTP, to compromise the Base Platform and potentially access or modify data. CVSS 3.1 base score 8.8 (HIGH) ...

8.8CVSS7.7AI score0.00557EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/01/19 11:26 a.m.11 views

CVE-2022-21392

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS6.6AI score0.00557EPSS
Exploits0References1
cvelist
cvelist
added 2022/01/19 11:26 a.m.18 views

CVE-2022-21392

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS7.9AI score0.00557EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/01/19 12:0 a.m.8 views

libspf2 缓冲区错误漏洞

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that an email is authorized from its domain. This prevents email forgery commonly used by spammers, scammers and email viruses/worms. libspf2 suffers from a...

9.8CVSS6.6AI score0.09643EPSS
Exploits1References8
cnnvd
cnnvd
added 2022/01/19 12:0 a.m.5 views

libspf2 缓冲区错误漏洞

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. This prevents email forgery commonly used by spammers, scammers and email viruses/worms. libspf2 suffers from a buffer...

9.8CVSS6.6AI score0.09643EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2022/01/19 12:0 a.m.5 views

PT-2022-10299 · Exim +5 · Exim +5

Name of the Vulnerable Software and Affected Versions: libspf2 versions prior to 1.2.11 Description: The issue is related to a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with ...

9.8CVSS8.3AI score0.51474EPSS
Exploits2References36
ptsecurity
ptsecurity
added 2022/01/18 12:0 a.m.7 views

PT-2022-2132 · Oracle · Enterprise Manager Base Platform

Name of the Vulnerable Software and Affected Versions: Enterprise Manager Base Platform versions 13.4.0.0 through 13.5.0.0 Description: The issue is related to insufficient input validation in the Policy Framework component. It allows a low-privileged attacker with network access via HTTP to...

8.8CVSS8.2AI score0.00557EPSS
Exploits0References10
osv
osv
added 2021/10/20 11:16 a.m.4 views

CVE-2021-2137

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS7.3AI score0.0106EPSS
Exploits0References1
prion
prion
added 2021/10/20 11:16 a.m.26 views

Code injection

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

6.5CVSS8.4AI score0.0106EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder