181 matches found
CVE-2017-1442
IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 128107...
CVE-2017-1442
CVE-2017-1442 affects IBM Emptoris Services Procurement 10.x, specifically 10.0.0.5, where a cross-site request forgery vulnerability could allow an attacker to perform malicious, unauthorized actions on behalf of a trusted user. The IBM Security Bulletin confirms this CSRF issue and lists the fi...
CVE-2017-1443
IBM Emptoris Services Procurement 10.x is affected by CVE-2017-1443, a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trusted session. The IBM security bulletin lists 10.0.0.5 as affected an...
IBM Emptoris Services Procurement Local Information Disclosure Vulnerability
IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A security vulnerability exists in IBM Emptoris Services Procurement that stems from a failure of proper access control....
IBM Emptoris Services Procurement Cross-Site Request Forgery Vulnerability
IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site request forgery vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker...
IBM Emptoris Services Procurement Cross-Site Scripting Vulnerability
IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site scripting vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker can...
Threat Outbreak Alert RuleID29512: Email Messages Distributing Malicious Software on June 19, 2017
Medium Alert ID: 54229 First Published: 2017 June 19 13:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29512 may contain the following files: Name | Siz...
Oracle PeopleSoft Enterprise SCM Service Procurement Remote Vulnerability
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, of which PeopleSoft Enterprise SCM is a supply chain management component. A remote security vulnerability exists in Oracle PeopleSoft Enterprise SCM Service Procurement. An attacker...
White House Cybersecurity Executive Order Summary
Yesterday President Trump issued an Executive Order on cybersecurity: "Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." The Executive Order EO appears broadly positive and well thought out, though it is just the beginning of a long process and not a sea change in...
CVE-2017-3525
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...
CVE-2017-3525
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...
Design/Logic Flaw
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...
CVE-2017-3525
Vulnerability in the PeopleSoft Enterprise SCM Service Procurement component of Oracle PeopleSoft Products subcomponent: Usability. The supported version that is affected is 9.2. Easily "exploitable" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSo...
CVE-2017-3525
CVE-2017-3525 affects Oracle PeopleSoft Enterprise SCM Service Procurement (subcomponent: Usability) version 9.2. The vulnerability arises in that component, with an attacker able to exploit over a network via HTTP by a high-privilege user to compromise data; impact includes unauthorized creation...
Threat Outbreak Alert RuleID28709: Email Messages Distributing Malicious Software on April 11, 2017
Medium Alert ID: 53401 First Published: 2017 April 11 16:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28709 may contain the following files: Name | Si...
CVE-2016-5600
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2016-5600
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2016-5600
Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2016-5600
Technical details about CVE-2016-5600 are not publicly provided in the supplied documents. No affected versions or vectors are specified here. Monitor for updates from official advisories and vendor CVE records.