CVE-2022-0167

An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not disabling the Autocomplete attribute of fields related to sensitive information making i...

Oracle Financial Services Applications Security Vulnerability

Oracle Financial Services Applications and Oracle FLEXCUBE Universal Banking are both products of Oracle Corporation, USA.Oracle Financial Services Applications is a suite of financial services Oracle Financial Services Applications is a suite of financial services software. Oracle Financial...

Oracle Financial Services Applications Security Vulnerability

Oracle Financial Services Applications and Oracle FLEXCUBE Universal Banking are both products of Oracle Corporation, USA.Oracle Financial Services Applications is a suite of financial services Oracle Financial Services Applications is a suite of financial services software. Oracle Financial...

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not disabling the Autocomplete attribute of fields related to sensitive information making i...

Path traversal

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file located in the classloader using the template API and a path with ".." in it. The issue is patch...

CVE-2021-22257

Removed by vendor...

GitLab CE/EE 跨站脚本漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability in GitLab CE/EE in all versions starting with 13.11, 13.12, a...

CVE-2021-2323

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Flex-Branch. Supported versions that are affected are 12.3, 12.4, 14.0-14.4 and . Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

Apple tvOS 输入验证错误漏洞

Apple tvOS is a smart TV operating system from Apple, Inc. tvOS suffers from an input validation error vulnerability that originates from insufficient user-supplied input validation in the operating system kernel subsystem. A remote attacker could exploit this vulnerability to send a specially...

Apple tvOS 缓冲区错误漏洞

Apple tvOS is an operating system for Smart TVs from Apple Inc. in the United States. tvOS suffers from a buffer error vulnerability that stems from a boundary condition in ImageIO. A remote attacker exploiting this vulnerability could create a specially crafted file, trick a victim into opening...

Apple Safari 输入验证错误漏洞

Apple Safari is a web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. An input validation error vulnerability exists in Apple Safari. The vulnerability arises when a network system or product does not properly validate input data. The...

CVE-2018-3050

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2016-0438

Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and CVE-2016-0437...