Oracle E-Business Suite Remote Security Vulnerability (CNVD-2017-00650)

Oracle E-Business Suite E-Business Suite is Oracle's fully integrated suite of global business management software. oracle iStore is one of the e-business applications that enable merchants to efficiently build, deploy, manage, and personalize their Internet storefronts. iStore is an e-commerce...

Unspecified Vulnerability in Oracle E-Business Suite Oracle CRM Technical Foundation Component (CNVD-2017-00858)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. Oracle CRM Technical Foundation ...

KLA10951 ACE vulnerability in Google Chrome

Incorrect optimisation assumptions in V8 engine were found in Google Chrome. By exploiting this vulnerability malicious users can perform arbitrary read/write operations and execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML page. Original advisorie...

IBM Security Identity Manager Virtual Appliance Cross-Site Scripting Vulnerability (CNVD-2017-00457)

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. A cross-site scripting vulnerability exists in the IBM Security Identity Manager Virtual Appliance. An attacker can exploit this vulnerability to inject arbitrary JavaScrip...

IBM WebSphere Application Server Cross-Site Scripting Vulnerability

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WAS. An...

Cross-site scripting vulnerability in multiple IBM Rational products (CNVD-2016-13286)

IBM Rational Collaborative Lifecycle Management CLM, etc. are products of IBM Corporation in the U.S. IBM Rational CLM, Rational Team Concert RTC and Rational Engineering Lifecycle Manager RELM are collaborative lifecycle management solutions; Rational DOORS Next Generation RDNG is a requirements...

IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2016-13273)

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM...

CVE-2016-5188

Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux allow a remote attacker to spoof various parts of browser UI via crafted HTML pages...

Exploit Development IDE: Exploit Pack

Exploit Development IDE Exploit Pack is a full IDE for exploit development and penetration testing with base workspace and an extensible module system. It is written mostly in JAVA but its modules use Python as an engine and it can be used to develop packages or tools which then can be run inside...

CVE-2016-9200

A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.51 10.6...

UBUNTU-CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "". This allows remote attackers to execute arbitrary Python code...

ALPINE-CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

Sql injection

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6619

CVE-2016-6619 is a SQL injection vulnerability in phpMyAdmin's user interface preference feature. The flaw allows an attacker to inject SQL against the control user account by exploiting inadequate input sanitization in the UI, affecting multiple branches: 4.6.x (pre-4.6.4), 4.4.x (pre-4.4.15.8),...

CVE-2016-6619

An issue was discovered in phpMyAdmin. In the user interface preference feature, a user can execute an SQL injection attack against the account of the control user. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

[SECURITY] Fedora 25 Update: roundcubemail-1.2.3-1.fc25

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...