7874 matches found

Cvelist
added 2021/04/22 9:53 p.m. | 14 views

CVE-2021-2233

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Setup. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVSS 8.1 | AI score 8.3 | EPSS 0.01015
Exploits: 0 | References: 1

CVE
added 2021/04/22 9:53 p.m. | 65 views

CVE-2021-2198

Summary of CVE-2021-2198 (Oracle Knowledge Management, Oracle E-Business Suite) Reported vulnerability affects Oracle Knowledge Management within Oracle E-Business Suite variants 12.1.1–12.1.3 and 12.2.3–12.2.10, specifically the Setup/Admin components. The issue allows an unauthenticated, networ...

CVSS 8.2 | AI score 8.1 | EPSS 0.79936
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/04/22 9:53 p.m. | 18 views

CVE-2021-2195

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Attribute Admin Setup. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

CVSS 8.2 | AI score 8.5 | EPSS 0.00933
Exploits: 0 | References: 1

OSV
added 2021/04/21 4:15 p.m. | 3 views

DEBIAN-CVE-2020-35981

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters in isomedia/isomstore.c...

CVSS 7.8 | AI score 7.6 | EPSS 0.01111
Exploits: 1 | References: 1

OSV
added 2021/04/21 4:15 p.m. | 1 views

UBUNTU-CVE-2020-35981

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters in isomedia/isomstore.c...

CVSS 7.8 | AI score 7.3 | EPSS 0.01111
Exploits: 1 | References: 4

CNNVD
added 2021/04/21 12:0 a.m. | 3 views

GPAC code issue vulnerability

GPAC is a multimedia framework for rich media and distributed under the LGPL license. An invalid pointer dereference vulnerability exists in the SetupWriters function in isomedia/isomstore.c in GPAC versions 0.8.0 and 1.0.1. No detailed vulnerability details are provided at this time...

CVSS 7.8 | AI score 5.5 | EPSS 0.01111
Exploits: 1 | References: 3

CNNVD
added 2021/04/20 12:0 a.m. | 4 views

Oracle E-Business Suite security vulnerability

Oracle E-Business Suite is an extension of the original Application ERP: a collection of management software including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and more, integrated seamlessly into one management suite. Oracle...

CVSS 8.1 | AI score 5.8 | EPSS 0.01015
Exploits: 0 | References: 3

CNNVD
added 2021/04/20 12:0 a.m. | 4 views

Oracle E-Business Suite Oracle Partner Management Attribute Admin Setup security vulnerability

Oracle E-Business Suite is an extension of the original Application ERP: a collection of management software including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and more, integrated seamlessly into one management suite. Oracle...

CVSS 8.2 | AI score 5.7 | EPSS 0.00933
Exploits: 0 | References: 2

CNNVD
added 2021/04/20 12:0 a.m. | 3 views

Oracle E-Business Suite security vulnerability

Oracle E-Business Suite is an extension of the original Application ERP: a collection of management software including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and more; it is a seamless integration of a management...

CVSS 8.1 | AI score 5.8 | EPSS 0.01015
Exploits: 0 | References: 3

CNNVD
added 2021/04/20 12:0 a.m. | 5 views

Oracle Knowledge security vulnerability

Oracle E-Business Suite is an extension of the original Application ERP: a collection of management software including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and more, integrated seamlessly into one management suite. Oracle Knowledge...

CVSS 8.2 | AI score 5.7 | EPSS 0.79936
Exploits: 0 | References: 2

Hacker One
added 2021/04/18 8:17 p.m. | 20 views

Nextcloud: Nextcloud deck sharee search leaks searches to lookupserver by default

So, in short this is related to the other 2 reports https://hackerone.com/reports/1167916 and https://hackerone.com/reports/1167919 While I could not find deck on your h1 page. I kind of assume it is in scope as well as this is something you sell with the 'groupware' subscription...

CVSS 4.3 | AI score 6.4 | EPSS 0.01368
Exploits: 0

Kitploit
added 2021/04/17 9:30 p.m. | 233 views

Sish - HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH

An open source serveo/ngrok alternative. Deploy Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can ...

AI score 7.2
Exploits: 0 | References: 6

Veracode
added 2021/04/17 8:20 a.m. | 35 views

Use-after-free

linux is vulnerable to use after free. An attacker is able to exploit the vulnerability via an I/O request at a certain point during device setup...

CVSS 7 | AI score 3.2 | EPSS 0.00251
Exploits: 0 | References: 5 | Affected Software: 6

CNNVD
added 2021/04/13 12:0 a.m. | 5 views

SAP Setup security vulnerability

SAP ERP is a series of software for ERP management from SAP, a German company. A security vulnerability exists in SAP Setup version-9.0. Unreferenced service paths could lead to privilege escalation during the installation process performed when registering the executable. This could further lead...

CVSS 7.5 | AI score 7.5 | EPSS 0.00228
Exploits: 0 | References: 4

Gitee
added 2021/04/08 8:17 p.m. | 5 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is a collection of vulnerable environments, not a single exploit or tool. The repository contains a variety of vulnerable environments, including CouchDB, FFmpeg, Git, InfluxDB, and more,...

AI score 7.2
Exploits: 0

Github Security Blog
added 2021/04/08 4:46 p.m. | 67 views

CSRF Vuln can expose user's QRcode

Impact: When a user is setting up two-factor authentication using an authenticator app, a QRcode is generated and made available via a GET request to /tf-qrcode. Since GETs do not have any CSRF protection, it is possible a malicious 3rd party could access the QRcode and therefore gain access to...

AI score 2.2
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2021/04/07 7:55 a.m. | 29 views

CVE-2020-11243

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

CVSS 7.5 | AI score 7.5 | EPSS 0.00709
Exploits: 0 | References: 1

Citrix
added 2021/04/07 12:0 a.m. | 6 views

Error: Unable to Create Authentication Service for Receiver StoreFront

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. During the initial setup of Receiver StoreFront server on either deployment option, Single or...

AI score 7
Exploits: 0

OSV
added 2021/04/02 8:15 p.m. | 4 views

CVE-2020-21588

Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial of service crash via a long string in the Setup-Users-Username editbox...

CVSS 5.5 | AI score 6.1
Exploits: 0 | References: 2

Prion
added 2021/04/02 8:15 p.m. | 14 views

Buffer overflow

Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial of service crash via a long string in the Setup-Users-Username editbox...

CVSS 2.1 | AI score 5.5 | EPSS 0.00251
Exploits: 0 | References: 2 | Affected Software: 1