15 matches found
Security Bulletin: IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability (CVE-2026-8405)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2026-8405 DESCRIPTION: IBM Guardium Data Protection's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...
CVE-2026-40606
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...
PT-2025-47560
Name of the Vulnerable Software and Affected Versions Grafana versions 12.0.0 through 12.2.1 Grafana versions 12.0.6, 12.1.3, 12.1.4, 12.2.1, and 12.3.0 Description A critical vulnerability exists in Grafana Enterprise versions 12.x related to the System for Cross-domain Identity Management SCIM...
Oracle WebLogic Server (October 2025 CPU)
The 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Centralized...
EUVD-2025-35253
Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...
Carestream Health Clinical Collaboration Platform 安全漏洞
Carestream Health Clinical Collaboration Platform is a clinical assistance platform from Carestream Health, USA. A security vulnerability exists in Carestream Health Clinical Collaboration Platform version 12.2.1.5, which stems from an issue with the usertoken function in default.aspx that could...
CVE-2024-20992
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Content integration. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter...
CVE-2024-21084
Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Service Gateway. Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Whil...
Oracle Business Intelligence Enterprise Edition 安全漏洞
Oracle Business Intelligence Enterprise Edition is an intelligent business analytics software from Oracle. Visualize and analyze enterprise data to support decision-making, reduce total cost of ownership, and increase ROI across the organization. A security vulnerability exists in Oracle Business...
CVE-2023-21838
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle...
Oracle Fusion Middleware 安全漏洞
Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's Oracle business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, and other functionality.Forms is a component used to create forms that interact with Oracle...
Exploit for CVE-2020-14756
This is an exploit module for the CVE-2020-14756 vulnerability in Oracle WebLogic. The vulnerability allows for remote code execution RCE due to a deserialization issue in the coherence.jar library. The exploit is written in Python and uses the socket library to establish a connection to the...
CVE-2020-14864
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Installation. Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
PT-2020-4568 · Oracle · Oracle Business Intelligence Enterprise Edition
Name of the Vulnerable Software and Affected Versions: Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, 12.2.1.4.0 Description: The issue is related to insufficient input validation in the Installation component of Oracle Business Intelligence Enterprise Edition,...
CVE-2020-16198
When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct...