1004 matches found
CVE-2017-10120
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure where RDBMS...
Oracle Retail Xstore Point of Service Remote Vulnerability (CNVD-2017-27178)
Oracle Retail Applications is a set of retail applications store solutions from Oracle Corporation. Oracle Retail Xstore Point of Service is one of the retail point of service management components. A security vulnerability exists in the Xstore Office subcomponent of the Retail Xstore Point of...
Unspecified Vulnerability in Oracle FLEXCUBE Private Banking
Oracle Financial Services Applications is a set of core banking, online banking and property management financial services software from Oracle Corporation, of which Oracle FLEXCUBE Private Banking is a private banking component. A security vulnerability exists in the Miscellaneous subcomponent o...
Unspecified Vulnerability in Oracle PeopleSoft Enterprise FSCM
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise FSCM is one of the financial and supply chain management components. A...
Oracle FLEXCUBE Universal Banking Unauthorized Operation Vulnerability (CNVD-2017-24342)
Oracle Financial Services Applications is a suite of financial services software from Oracle that combines core banking, online banking, and property management.Oracle FLEXCUBE Universal Banking is one of the real-time, online coverage of retail, group...Oracle FLEXCUBE Universal Banking is a...
Unspecified Vulnerability in Oracle Database Server (CNVD-2017-18568)
Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. Oracle Database Server version 12.1.0.2 has a security vulnerability in the RDBMS Security implementation, which can be exploited by a...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2017-15387)
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Corporation, of which Oracle Partner Management is a partner management component. A security vulnerability exists in the User Interface subcomponent of the Oracle Partner...
Oracle MySQL Server Unauthorized Modification Vulnerability (CNVD-2017-06387)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which the MySQL Server component is a server component. A security vulnerability exists in the Server: Security: Encryption subcomponent of the MySQL Server component in Oracle MySQL, version 5.7.17 a...
Oracle VM VirtualBox Remote Vulnerability (CNVD-2017-06468)
Oracle Virtualization Oracle VirtualBox is a virtual machine component of Oracle's virtualization solution. A security vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization. An attacker could exploit this vulnerability to unauthorized creatio...
CVE-2017-3539
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
UBUNTU-CVE-2017-3589
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise...
UBUNTU-CVE-2017-3468
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2017-3236
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2016-8317
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Unit Trust. Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Difficult to exploit vulnerability allows low privileged attacker with network...
CVE-2016-8298
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with network access...
Unspecified Vulnerability in Solaris Libc Library Component
Solaris is a unix-based operating system. An unspecified vulnerability in the Solaris Libc Library component could allow an attacker to launch a denial-of-service attack or unauthorized modification of some data...
Taobao decoration can reference external js file-bug warning-the black bar safety net
Taobao decoration page for the js filter is not strict you can use user reference to an external js file, you can obtain other Taobao user cookies, modify your own shop reviews, baby sell number and the like. In Taobao decoration page that has a background image uploaded, as long as firebug for...
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03403333 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03403333 Version: 1 HPSBGN02787...
EV0072.txt
New eVuln Advisory: Magic News Lite PHP Code Execution & Unauthorized Data Modification http://evuln.com/vulns/72/summary.html --------------------Summary---------------- eVuln ID: EV0072 CVE: CVE-2006-0723 CVE-2006-0724 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com...
[eVuln] Magic News Lite PHP Code Execution & Unauthorized Data Modification
New eVuln Advisory: Magic News Lite PHP Code Execution & Unauthorized Data Modification http://evuln.com/vulns/72/summary.html --------------------Summary---------------- eVuln ID: EV0072 CVE: CVE-2006-0723 CVE-2006-0724 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com...