CVE-2021-2274

Vulnerability in the Oracle E-Business Tax product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-2258

Vulnerability in the Oracle Projects product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Projects...

CVE-2021-2258

CVE-2021-2258 affects Oracle E-Business Suite, Oracle Projects UI. Affected versions: 12.1.1–12.1.3 and 12.2.3–12.2.10. Description confirms a low-privilege, network-accessible (HTTP) vulnerability in Oracle Projects that can lead to unauthorized create/delete/modify of critical data or access to...

The vulnerability of the Windows Installer component on Microsoft Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of the Windows Installer component in Microsoft Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

Huawei Data Communication: Disable the security policy of the VTY user interface

Disables the VTY user interface security policy. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2021-2860 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information stored on an...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability in Oracle Projects User...

The vulnerability of the Mozilla Firefox browser, related to errors in the user interface’s information representation, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Mozilla Firefox browser is related to errors in information representation by the user interface. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Symantec Security Analytics Web UI 操作系统命令注入漏洞

Symantec Security Analytics Web UI is an application from Symantec Corporation, USA. Symantec Security Analytics suffers from an operating system command injection vulnerability that results from improper input validation. An unauthenticated, remote attacker could use this vulnerability to send...

KLA12150 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Memory corruption...

KLA12149 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of...

KLA12145 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An...

KLA12144 Multiple vulnerabiltiies in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An...

PT-2021-2621 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Windows Installer component in Microsoft Windows operating systems. This can allow...

IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2021-32645)

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...

KLA12141 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerabili...

CVE-2021-20519

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441...

CVE-2020-4920

IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396...

IBM Jazz Team Server 跨站脚本漏洞

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...

CVE-2020-4920

IBM Jazz Team Server products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191396...