Lucene search
K

102 matches found

CNNVD
CNNVD
added 2023/01/18 12:0 a.m.5 views

Oracle BI Publisher安全漏洞

Oracle BI Publisher is a reporting solution from Oracle Corporation USA that makes it easier and faster to create, manage and deliver all reports and documents than traditional reporting tools. Oracle BI Publisher has a security vulnerability that can be exploited by an attacker to cause a takeov...

8.8CVSS8.2AI score0.00631EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.4 views

Oracle BI Publisher 安全漏洞

Oracle BI Publisher is a reporting solution from Oracle Corporation USA that makes it easier and faster to create, manage and deliver all reports and documents than traditional reporting tools. A security vulnerability exists in Oracle BI Publisher 5.9.0.0.0, 6.4.0.0.0, and 12.2.1.4.0, which can ...

8.8CVSS8.3AI score0.00631EPSS
Exploits0References2
OSV
OSV
added 2022/12/01 12:0 a.m.6 views

PUB-A-227203684

In sdpufindmostspecificserviceuuid of sdputils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

5CVSS6.6AI score0.00165EPSS
Exploits0References2
Code423n4
Code423n4
added 2022/10/23 12:0 a.m.9 views

It's possible to steal a part of the funds in any pair contract and/or DOS a new pair

Lines of code Vulnerability details The function collectFeesaddress account, uint256 memory ids in LBPair.sol is supposed to calculate and transfer the fees owed to account. Since the protocol assumes that the pair contract itself cannot accumulate fees, this function is exploitable by passing th...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/06 12:0 a.m.14 views

Add members to the not yet created community

Lines of code Vulnerability details Impact There is a addMember function in the Community. The function accepts data that should be signed by the community.owner and newMemberAddr. // Compute hash from bytes bytes32 hash = keccak256data; // Decode params from data uint256 communityID, address...

6.9AI score
Exploits0
NCSC
NCSC
added 2022/07/08 12:0 a.m.3 views

Vulnerability fixed in rsyslog

The developers of rsyslog have fixed a vulnerability in rsyslog. A malicious party could exploit the vulnerability to cause a denial-of-service, or to potentially manipulate data manipulate and thus potentially inject false information into the central syslog environment. The developers do not ru...

8.1CVSS7.2AI score0.03821EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/05/17 5:15 a.m.6 views

CVE-2022-1753 WoWonder Group requests.php access control

A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument groupid allows posting messages in other groups. It is possible to launch the attack remotely but it might...

5.4CVSS5.8AI score0.00889EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2022/01/25 8:0 a.m.6 views

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

...

6.3CVSS6.8AI score0.02686EPSS
Exploits0
OSV
OSV
added 2021/11/01 12:0 a.m.7 views

PUB-A-194697257

In TBD of TBD, there is a possible downgrade attack due to under utilized anti-rollback protections. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/10/12 2:17 p.m.8 views

mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS7.2AI score0.02621EPSS
Exploits0References5
OSV
OSV
added 2021/07/21 3:15 p.m.5 views

UBUNTU-CVE-2021-2402

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

4.9CVSS6.6AI score0.02088EPSS
Exploits0References4
OSV
OSV
added 2021/07/13 4:15 p.m.3 views

CVE-2021-20424

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309...

4.3CVSS5.8AI score0.00982EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:1239-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.04428EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:1268-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.04428EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2019:1238-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.7AI score0.04428EPSS
Exploits1References9
OSV
OSV
added 2021/04/14 7:15 a.m.4 views

ALPINE-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS6.9AI score0.02025EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.6 views

The vulnerability of the software package that implements the Squid caching proxy server’s function relates to incorrect elimination of certain elements in the output data. This allows a hacker to compromise the integrity of the data.

The vulnerability of the software package that implements the Squid caching proxy server lies in the improper elimination of certain elements in the output data. Exploiting this vulnerability allows a remote attacker to compromise the integrity of the data...

6.1CVSS6.7AI score0.055EPSS
Exploits0References12Affected Software6
Cvelist
Cvelist
added 2021/01/21 2:35 p.m.20 views

CVE-2020-26941

A local authenticated low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite deletion of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation...

5.4AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2020/10/21 3:15 p.m.7 views

DEBIAN-CVE-2020-14776

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS6.2AI score0.02621EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/11/12 12:0 a.m.3 views

PT-2019-3913

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to errors in handling objects in memory in the Win32k component of Windows operating systems. It allows an attacker to potentially elevate their privileges using a...

7.8CVSS7.1AI score0.01131EPSS
Exploits0References7
Rows per page
Query Builder