Lucene search
K

4567 matches found

Cvelist
Cvelist
added 2019/10/16 5:40 p.m.25 views

CVE-2019-2925

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Worklist. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful...

4.1AI score0.01218EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/10/16 4:38 a.m.4 views

jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)

A flaw was found in the Jenkins Workflow Remote Loader plugin. An unsafe whitelist entry was made that allowed invoking arbitrary methods and bypassing sandbox protection. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.9CVSS6.7AI score0.01938EPSS
Exploits0References5
CNVD
CNVD
added 2019/10/16 12:0 a.m.2 views

Unspecified Vulnerability in Oracle E-Business Suite Workflow

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. Workflow E-Business Suite is one...

4.3CVSS6.6AI score0.01218EPSS
Exploits0References1
Symantec
Symantec
added 2019/10/15 12:0 a.m.24 views

Oracle E-Business Suite CVE-2019-2925 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote vulnerability in Oracle Workflow. The vulnerability can be exploited over the 'HTTP' protocol. The 'Worklist' component is affected. This vulnerability affects the following supported versions: 2.1.3, 12.2.3 through 12.2.8 Technologies...

1.3AI score0.01218EPSS
Exploits0References1Affected Software1
Akamai Blog
Akamai Blog
added 2019/10/11 8:0 p.m.216 views

Access Revocation: A Content Provider's Tool to Block Pirates in Real time

Akamai Announces New Capability to Allows Content Providers to Shut Down Sources of Piracy ... The Growth of Global Online Video Consumption and Piracy Media and entertainment companies, including Content owners and Over-the-top OTT service providers are living in an era that provides them an...

0.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2019/10/11 8:0 p.m.144 views

Faster On-Boarding for Performance and Security Products

As part of our October release, we are making our onboarding experience much faster and simpler. These benefits are extended to new customers looking to onboard and protect new hostnames on Akamai - as well as existing customers looking to spin up, test, and protect new functionality within their...

0.7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2019/10/07 2:0 p.m.176 views

Enhanced API Scanning with Postman Support in Qualys WAS

Due to the fast-growing usage of REST APIs, having a way to test them for vulnerabilities in an automated, reliable way is more important than ever. Automated testing of APIs is a little trickier than for web applications. You can't simply enter a starting URL for the scanner and click "Go"...

7.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/10/03 1:49 p.m.36 views

Partner Perspectives: Disrupt Advanced Threats with Blumira + Carbon Black

Matt Warner is the CTO of Blumira. Modern security challenges are not easy to fix or even identify, and despite misleading advertising from some vendors, there is no one-size-fits-all solution. Blumira frequently observes large visibility gaps in existing security implementations, allowing obviou...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/10/02 7:20 p.m.183 views

How security orchestration improves detection and response

Working together in perfect harmony like the wind and percussion sections of a symphony orchestra requires both rigorous practice and a skilled conductor. Wouldn’t it be great if our cybersecurity solutions did the same to better protect organizations? The methods and tools used to accomplish thi...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/09/29 12:0 a.m.1 views

NetApp OnCommand Workflow Automation Information Disclosure Vulnerability

NetApp OnCommand Workflow Automation is a suite of storage process management software from American NetApp. The software provides storage configuration, storage cloning and other functions for the database or file system. An information disclosure vulnerability exists in NetApp OnCommand Workflo...

5.3CVSS6.1AI score0.00694EPSS
Exploits0References1
Kitploit
Kitploit
added 2019/09/20 8:41 p.m.356 views

Kirjuri - Web Application For Managing Cases And Physical Forensic Evidence Items

Kirjuri is a simple php/mysql web application for managing physical forensic evidence items. It is intended to be used as a workflow tool from receiving, booking, note-taking and possibly reporting findings. It simplifies and helps in case management when dealing with a large or small! number of...

7.3AI score
Exploits0References2
Malwarebytes
Malwarebytes
added 2019/09/13 8:44 p.m.160 views

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there's no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when...

7.2AI score
Exploits0
NVD
NVD
added 2019/09/11 8:15 p.m.25 views

CVE-2019-3759

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to vie...

8.1CVSS7AI score0.03226EPSS
Exploits3References2
NVD
NVD
added 2019/09/11 8:15 p.m.13 views

CVE-2019-3760

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. A remote authenticated malicious user could potentially exploit this vulnerability to execute SQL commands on the back-e...

8.8CVSS7.5AI score0.01214EPSS
Exploits0References1
OSV
OSV
added 2019/09/11 8:15 p.m.6 views

CVE-2019-3759

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to vie...

8.1CVSS7.3AI score0.03226EPSS
Exploits3References2
OSV
OSV
added 2019/09/11 8:15 p.m.5 views

CVE-2019-3760

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. A remote authenticated malicious user could potentially exploit this vulnerability to execute SQL commands on the back-e...

8.8CVSS7.5AI score0.01214EPSS
Exploits0References1
Prion
Prion
added 2019/09/11 8:15 p.m.17 views

Sql injection

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. A remote authenticated malicious user could potentially exploit this vulnerability to execute SQL commands on the back-e...

6.5CVSS8.9AI score0.01214EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2019/09/11 8:15 p.m.12 views

Code injection

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to vie...

5.5CVSS7.9AI score0.03226EPSS
Exploits3References2Affected Software2
Cvelist
Cvelist
added 2019/09/11 7:17 p.m.28 views

CVE-2019-3759

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a code injection vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to run custom Groovy scripts to gain limited access to vie...

6.4CVSS8.1AI score0.03226EPSS
Exploits3References2
Cvelist
Cvelist
added 2019/09/11 7:17 p.m.18 views

CVE-2019-3760

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain a SQL Injection vulnerability in Workflow Architect. A remote authenticated malicious user could potentially exploit this vulnerability to execute SQL commands on the back-e...

6.4CVSS8.9AI score0.01214EPSS
Exploits0References1
Rows per page
Query Builder