5 matches found
PT-2025-14542 · Os4Ed · Os4Ed Opensis
Name of the Vulnerable Software and Affected Versions: OS4ED openSIS versions 7.0 through 9.1 Description: The issue is a SQL injection vulnerability via the stu id parameter at the "/modules/students/Student.php" API endpoint. Recommendations: For OS4ED openSIS versions 7.0 through 9.1, consider...
PT-2019-17100 · Ibm · Ibm Websphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: The issue allows a user with access to audit logs to obtain sensitive information due to improper handling of command line options. Recommendations: For IBM WebSphere...
PT-2019-17008 · Ibm · Ibm Websphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: The issue allows a remote attacker to obtain sensitive information when a specially crafted URL causes a stack trace to be dumped. This occurs in the Admin Console of the...
Google Android Media framework remote code execution vulnerability (CNVD-2019-23556)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A remote code execution vulnerability exists in the Media framework component in Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. An attacker can exploit this vulnerability to...
tomcat: A bug in the UTF-8 decoder can lead to DoS
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86...