4572 matches found
Applied ThreadFix: Effective security team collaboration
Modern enterprises are distributed. Most ThreadFix deployments have stakeholders spanning development and security teams and those team members are spread around the globe. To support these distributed organizations, ThreadFix has a number of collaboration features that make teams more efficient...
Description of the SharePoint Designer 2010 update: March 12, 2013
Description of the SharePoint Designer 2010 update: March 12, 2013 INTRODUCTION Microsoft has released an update for Microsoft SharePoint Designer 2010. This update provides the latest fix for the 32-bit and 64-bit editions of SharePoint Designer 2010. Additionally, this update contains stability...
Unspecified Vulnerability in Oracle E-Business Suite Workflow (CNVD-2020-24056)
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. Workflow E-Business Suite is one...
CVE-2020-2753
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-2753
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-2753
Technical details about CVE-2020-2753 are not publicly available in the provided connected documents; monitor for updates.
CVE-2020-2753
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-2753
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)
This update for git fixes the following issues : Security issue fixed : CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930. Non-security issue fixed : git was updated to 2.26.0 f...
Service Update 0.14 for Microsoft Dynamics 365 9.0
None None...
MS15-036: Description of the security update for SharePoint Server 2013: April 14, 2015
Resolves vulnerabilities in Microsoft Office server and productivity software that could allow elevation of privilege if an attacker sends a specially crafted request to an affected SharePoint Server.IntroductionThis security update resolves elevation of privilege vulnerabilities that exist when...
MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016
MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...
Argo Authorization Issue Vulnerability (CNVD-2020-27456)
Argo is an open source container native workflow engine. Argo suffers from an authorization issue vulnerability that stems from the program not implementing anti-automation protections. An attacker could use this vulnerability to brute-force break the administrator password...
Git-Hound v1.1 - GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System
A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research...
SharePoint Workflows - XOML Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...
Security Bulletin: An information disclosure vulnerability has been identified with the embedded Content Platform Engine component shipped with IBM Business Automation Workflow (CVE-2019-4572)
Summary A vulnerability in IBM FileNet Content Manager and Case Foundation, in some case, could contain user information in the log when Process Orchestration Web Services is invoked. Vulnerability Details CVEID: CVE-2019-4572 DESCRIPTION: IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific...
IBM Business Process Manager and IBM Business Automation Workflow SQL Injection Vulnerability
IBM Business Process Manager is a comprehensive business process management platform.IBM Business Automation Workflow is a platform for creating workflow applications to improve productivity. A SQL injection vulnerability exists in IBM Business Process Manager and IBM Business Automation Workflow...
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...
CVE-2019-4669
IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0 through 8.6.0.0 CF2018.03, and IBM Business Automation Workflow 18.0.0.1 through 19.0.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad...