94 matches found
SUSE CVE-2025-48888
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to read, update, add, and delete data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to access control errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, update, add, and delete data using the HTTP protocol...
CVE-2025-21513
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2025-21508
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
CVE-2025-21507
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
CVE-2023-22055
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21630
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
CVE-2025-30740
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...
CVE-2025-30740
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...
CVE-2025-30709
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
Oracle JD Edwards EnterpriseOne Tools 安全漏洞
Oracle JD Edwards EnterpriseOne Tools is a component for installing, updating, and managing JD Edwards EnterpriseOne applications from Oracle Corporation Oracle. A security vulnerability exists in Oracle JD Edwards EnterpriseOne Tools versions 9.2.0.0 through 9.2.9.2, which stems from improper...
Medium: containerd
Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...
PT-2025-11557
Name of the Vulnerable Software and Affected Versions containerd versions prior to 1.6.38 containerd versions prior to 1.7.27 containerd versions prior to 2.0.4 Description A bug was found in containerd where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed...
The Role of Runtime Security in Cloud Environments
Discover how Wiz's innovative hybrid approach revolutionizes runtime security for the modern cloud era...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the disclosure of information through incompatibility. Exploitation of this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information through a specially...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the lack of authenticity verification for a critical function. Exploitation of this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, a...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete data.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the use of open redirection. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.
The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete files...