SUSE: Security Advisory (SUSE-SU-2016:2248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Remote Code Execution

Horde Groupware Webmail is vulnerable to remote code execution. An authenticated remote attacker could execute arbitrary PHP code via the Turba subcomponent...

CVE-2020-14222

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...

The vulnerability of the sub-component Federation of the Oracle Access Manager software component of the Oracle Fusion Middleware, which allows a perpetrator to cause a partial service disruption.

The vulnerability of the Federation sub-component of the Oracle Access Manager software component within the Oracle Fusion Middleware platform is related to resource release errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a partial service failure through...

The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite enterprise automation system allows a perpetrator to gain access to read data and modify that data.

The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data through HTT...

The vulnerability of the Portal sub-component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Portal subcomponent of the Oracle PeopleSoft Enterprise PeopleTools business application suite relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access...

The vulnerability of the US Federal Specific sub-component of the PeopleSoft Enterprise HCM Human Resources package from Oracle PeopleSoft Products allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of the US Federal Specific sub-component of the PeopleSoft Enterprise HCM Human Resources package from Oracle PeopleSoft Products is related to inadequate access control mechanisms. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

The vulnerability of the Portal sub-component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Portal subcomponent of the Oracle PeopleSoft Enterprise PeopleTools business application suite relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access...

The vulnerability of the Content sub-component of the Oracle Content Manager system, a business automation solution from Oracle E-Business Suite. This vulnerability allows attackers to gain access to modify, add, or delete data.

The vulnerability of the Content sub-component of the Oracle Content Manager component in the Oracle E-Business Suite system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using...

Amazon Linux AMI : mysql57 (ALAS-2019-1297)

A stack-based buffer overflow vulnerability in the 'Server: Packaging cURL' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. CVE-2019-3822 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: XML...

MariaDB 10.1.0 < 10.1.38 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.38. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.38 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are...

Amazon Linux 2 : libvirt (ALAS-2019-1274) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091 Modern Intel microprocessors implement hardware-level micro-optimizations to improve the...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0085)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested =1...

The vulnerability of the Preferences sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite allows a perpetrator to access data for modification, addition, or deletion.

The vulnerability of the Preferences sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data using the HTTP protoco...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...

Oracle VM VirtualBox Component Access Control Error Vulnerability

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

Oracle Siebel CRM Siebel Core - Server Framework Component Access Control Error Vulnerability

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions. The program includes sales management, marketing management, customer service systems, call centers and other modules.Siebel Core - Server Framework is one of the Siebel server...

Oracle Siebel CRM Siebel Core - Common Components Component Access Control Error Vulnerability

Oracle Siebel CRM is the United States Oracle Oracle company's set of customer relationship management solutions. The solution includes sales management, marketing management, customer service systems, call center modules.Siebel Core - Common Components is one of the Siebel Common Components. A...

Oracle Retail Applications Retail Customer Management and Segmentation Foundation Component Denial of Service Vulnerability

Oracle Retail Applications is a set of retail applications store solutions from Oracle Corporation Oracle. The product includes inventory management, sales management and customer management, etc. Retail Customer Management and Segmentation Foundation is one of the retail customer management...

Oracle Support Tools Clusterware Component Denial of Service Vulnerability

Oracle Support Tools is a set of Oracle support tools from Oracle Corporation.Clusterware is a set of portable clusterware. A security vulnerability exists in the Trace File Analyzer TFA Collector subcomponent of the Clusterware component of Oracle Support Tools, version 12.1.0.2.0. An attacker...