121 matches found
CVE-2022-21536
CVE-2022-21536 affects Oracle Enterprise Manager Base Platform (Policy Framework) in versions 13.4.0.0 and 13.5.0.0. The vulnerability allows an unauthenticated attacker over HTTP to compromise the Base Platform, potentially taking control of the system and impacting confidentiality, integrity, a...
CVE-2022-21536
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
Oracle Enterprise Manager Base Platform 输入验证错误漏洞
Oracle Enterprise Manager Base Platform is a set of local management platform of Oracle Oracle. The platform is primarily used to manage Oracle product deployments. An input validation error vulnerability exists in Oracle Enterprise Manager Base Platform component: Policy Framework version...
The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain read, modify, add, or delete access to data.
The vulnerability of the Policy Framework component of the Enterprise Manager Base Platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain access to read, modify, add, or delete data...
DEBIAN-CVE-2021-33912
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...
DEBIAN-CVE-2021-33913
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of SPFrecordexpanddata in spfexpand.c. The amount of overflowed data depend...
ALPINE-CVE-2021-33912
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...
UBUNTU-CVE-2021-33912
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with a crafted SPF DNS record, because of incorrect sprintf usage in SPFrecordexpanddata in spfexpand.c...
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2022-21392
CVE-2022-21392 affects Oracle Enterprise Manager Base Platform (Policy Framework) versions 13.4.0.0 and 13.5.0.0. The vulnerability allows a low-privilege attacker, with network access via HTTP, to compromise the Base Platform and potentially access or modify data. CVSS 3.1 base score 8.8 (HIGH) ...
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
libspf2 缓冲区错误漏洞
libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that an email is authorized from its domain. This prevents email forgery commonly used by spammers, scammers and email viruses/worms. libspf2 suffers from a...
libspf2 缓冲区错误漏洞
libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. This prevents email forgery commonly used by spammers, scammers and email viruses/worms. libspf2 suffers from a buffer...
PT-2022-10299 · Exim +5 · Exim +5
Name of the Vulnerable Software and Affected Versions: libspf2 versions prior to 1.2.11 Description: The issue is related to a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail message from anywhere on the Internet with ...
PT-2022-2132 · Oracle · Enterprise Manager Base Platform
Name of the Vulnerable Software and Affected Versions: Enterprise Manager Base Platform versions 13.4.0.0 through 13.5.0.0 Description: The issue is related to insufficient input validation in the Policy Framework component. It allows a low-privileged attacker with network access via HTTP to...
CVE-2021-2137
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Code injection
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...