BIT-JAVA-MIN-2024-21210

Vulnerability in Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

BIT-JAVA-2021-2161

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVE-2025-54863

Radiometrics VizAir is affected by a vulnerability where the system’s REST API key is exposed via a publicly accessible configuration file. Public access could let an attacker remotely alter weather data and configurations, automate attacks across multiple instances, and exfiltrate sensitive mete...

PT-2025-45015

Name of the Vulnerable Software and Affected Versions Radiometrics VizAir affected versions not specified Description Radiometrics VizAir is susceptible to exposure of its REST API key through a publicly accessible configuration file. Successful exploitation allows attackers to remotely alter...

The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax industrial switches allows a intruder to alter the data representation type.

The vulnerability of the SNMPv3 implementation of SCALANCE W-700 IEEE 802.11ax switches is related to access control errors. Exploiting this vulnerability allows a remote attacker to alter the data representation type...

PT-2023-9573 · Oracle · Oracle E-Business Suite

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue is related to weaknesses in the authorization mechanism of the Common Components component in Oracle Financials, part of the Oracle E-Business Suite. This can allo...

UBUNTU-CVE-2023-22067

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...

EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass

Overview EC-CUBE plugin "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series" provided by NE Inc. contains an authentication bypass vulnerability CWE-287. TSUKADA Nobuhisa of Seasoft reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

SUSE CVE-2020-14797

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

The vulnerabilities of the Workflow, Approval, and Work Force Management components of the Oracle Self-Service Human Resources system, as well as the Oracle E-Business Suite, allow attackers to gain access to modify, add, or delete protected data.

The vulnerability of the Workflow, Approval, and Work Force Management components of the Oracle Self-Service Human Resources system, as well as the Oracle E-Business Suite, is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to modify, add, o...

PT-2021-6434 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.36 and prior MySQL Server versions 8.0.27 and prior Description: The issue is related to insufficient input validation in the MySQL Server product, specifically in the Server: Security: Privileges component. This...

OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

The vulnerability of the Web Access component of the Oracle Primavera Portfolio Management software lies in insufficient validation of input data. This allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Web Access component of Primavera Portfolio Management, a software solution for automating production process management, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or...

OpenJDK: Incomplete interface type checks in Graal compiler (Hotspot, 8236867)

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks o...

The vulnerability of the sub-component “Call Phone Number Page” of the Oracle One-to-One Fulfillment component of the Oracle E-Business Suite allows a malicious user to gain access to modify, add, or delete data.

The vulnerability of the “Call Phone Number Page” sub-component of the Oracle One-to-One Fulfillment component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or...

The vulnerability of the Segment component in the Oracle Retail Customer Management and Segmentation software application allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software relates to access control deficiencies. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to...

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

The vulnerability of the Messages sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Messages sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protocol...

The vulnerability of the Analytics Server sub-component of the Oracle Business Intelligence Enterprise Edition component of the Oracle Fusion Middleware software allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software from Oracle Fusion Middleware is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add,...