684 matches found
Vulnerabilities fixed in Oracle Fusion Middleware
Vulnerabilities have been fixed in Oracle Fusion Middleware. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service (DoS), access to sensitive data, access to system data, manipulation of data, remote code execution, Us...
Vulnerabilities fixed in Oracle E-Business Suite
Vulnerabilities have been fixed in Oracle E-Business Suite. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: access to sensitive data, access to system data, manipulation of data. Oracle has made updates available to fix the...
Vulnerabilities fixed in Oracle Communications Applications
Vulnerabilities have been fixed in Oracle Communications Applications. A malicious party could exploit the vulnerabilities to launch attacks that could result in the following categories of damage: Denial-of-Service (DoS), access to sensitive data, access to system data, manipulation of data...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products, including Parasolid, Ruggedcom, SIMATIC, SICAM and Tecnomatix. The vulnerabilities potentially enable a malicious person to launch attacks that could result in the following categories of damage: Denial-of-Service (DoS)...
Vulnerabilities fixed in Fortinet
Fortinet has fixed a number of vulnerabilities in FortiOS, FortiProxy, FortiNAC, FortiSandbox and FortiClient. A malicious person could exploit the vulnerability marked CVE-2023-45590 to execute code on a FortiClientLinux system by getting a user to visit a rogue website. Other vulnerabilities...
Vulnerabilities fixed in Splunk
Splunk has fixed vulnerabilities in Splunk Enterprise. A malicious party can exploit the vulnerabilities to launch attacks that can result in the following categories of damage: circumvention of security measures, access to sensitive data, access to system data. Splunk has released...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Cerberus, Ruggedcom, SCALANCE, Sentron, SIMATIC, Sinema, Sinteso, Siveillance and Solid Edge. The vulnerabilities potentially allow a malicious party to launch attacks that could lead to the following categories of damage:...
BIT-MAGENTO-2020-24407 Arbitrary code execution via file import functionality
Magento versions 2.4.0 and 2.3.5p1 and earlier are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components...
BIT-ARGO-CD-2021-23135
Exposure of System Data to an Unauthorized Control Sphere vulnerability in the web UI of Argo CD allows an attacker to cause secret data to leak into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14...
Acronis Cyber Protect Information Disclosure Vulnerability
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Singapore. It combines backup, anti-malware, cybersecurity and endpoint management features such as vulnerability assessment, URL filtering, patch management, and more. An information...
Vulnerabilities fixed in Oracle Database products
Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service (DoS), remote code execution, user rights, access to sensitive data, access to system da...
GHSA-98G6-XH36-X2P7 Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability...
CVE-2024-0056 Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service (DoS), circumvention of security measures, remote code execution, Administrator/Root rights, Remote...
CVE-2023-48382
Softnext Mail SQR Expert is an email management platform. It has a Local File Inclusion (LFI) vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute an arbitrary PHP file with .asp file extension under specific system paths, to access...
CVE-2023-48381
Softnext Mail SQR Expert is an email management platform. It has a Local File Inclusion (LFI) vulnerability in a special URL. An unauthenticated remote attacker can exploit this vulnerability to execute an arbitrary PHP file with .asp file extension under specific system paths, to access and modify...
CVE-2023-3517
Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x, do not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources...
Design/Logic Flaw
Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x, do not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources...
Hitachi Vantara Pentaho Data Integration & Analytics Security Breach
Hitachi Vantara Pentaho Data Integration & Analytics is a data integration and analytics system from Hitachi, Ltd. (Hitachi), Japan. A security vulnerability exists in Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 9.5.0.1, prior to 9.3.0.5, and 8.3.x, which stems from an...