The vulnerability of the FortiOS operating system, related to access control errors, allows a perpetrator to read and write data in the memory loading sector.

The vulnerability of the FortiOS operating system is related to access control errors. Exploiting this vulnerability allows a person with administrator privileges to read and write data in the memory load sector...

CVE-2018-3125

Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications subcomponent: Security SQL Logger. The supported version that is affected is 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

PT-2022-11275 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue allows attackers to cause a denial of service via a crafted file in the MP4Box command, specifically through the gf bs write data function. Recommendations: For GPAC version 1.0.1, consider disabling...

CVE-2018-19044

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or...

Unspecified Vulnerability in Artifex MuPDF

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'pdfgetxrefentry' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.13.0. A remote attacker can exploit this vulnerability with the help of a specially crafted pdf file to...

CVE-2018-2946

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

CVE-2018-2792

Vulnerability in the Hardware Management Pack component of Oracle Sun Systems Products Suite subcomponent: Ipmitool. The supported version that is affected is Prior to 2.4.3. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

CVE-2017-14464

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

Red Hat OpenShift Enterprise Elevation of Privilege Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications.OpenShift Enterprise is an open source version of the private cloud. A security vulnerability exists in Red Hat OpenShift Enterprise version 3.7. An...

CVE-2018-2682

Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

CVE-2018-2659

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime SEC. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

CVE-2017-10397

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications subcomponent: BaseMasterPage. The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2017-10265

Vulnerability in the Oracle Integrated Lights Out Manager ILOM component of Oracle Sun Systems Products Suite subcomponent: System Management. The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2017-10055

Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware subcomponent: Admin Graphical User Interface. The supported version that is affected is 7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

BLE Scanner for Smart Devices Hacking: BLEAH

A BLE scanner for “smart” devices hacking based on the bluepy library, dead easy to use because retarded devices should be dead easy to hack. How to Install Install bluepy from source: git clone https://github.com/IanHarvey/bluepy.git cd bluepy python setup.py build sudo python setup.py install...

CVE-2017-10211

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: WebConnect. The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hospitality Suite8. Successf...

YARA Denial of Service Vulnerability (CNVD-2017-11330)

YARA is a set of tools used to help software researchers identify and categorize malware samples. A denial of service vulnerability exists in the 'yrarenawritedata' function in YARA version 3.6.1. A remote attacker can exploit this vulnerability with the help of specially crafted files to cause a...

PT-2017-18938

Name of the Vulnerable Software and Affected Versions YARA version 3.6.1 Description The issue allows remote attackers to cause a denial of service or obtain sensitive information from process memory via a crafted file. This is due to the mishandling of the file in the yr re fast exec function in...

CVE-2017-3579

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with...

CVE-2017-2989

Adobe Campaign versions Build 8770 and earlier have an input validation bypass that could be exploited to read, write, or delete data from the Campaign database...