The vulnerability of the OUD Core component of the Oracle Unified Directory application, which facilitates simplified deployment of the Oracle Fusion Middleware software. This vulnerability allows a malicious individual to gain full control over the application.

The vulnerability of the OUD Core component of the Oracle Unified Directory application, which is used for simplified deployment of the Oracle Fusion Middleware software, is related to access control errors. Exploiting this vulnerability could allow an attacker to gain full control over the...

The vulnerability of the Security Framework component of the Oracle WebCenter Portal web platform allows a perpetrator to gain full control over the application.

The vulnerability of the Security Framework component of the Oracle WebCenter Portal relates to the absence of authentication for a critical function. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...

The vulnerability of the WebCenter Sites component for user-serviceing applications on the internet allows a perpetrator to gain unauthorized access to create, delete, or modify data.

The vulnerability of the WebCenter Sites application component for online user services in Oracle WebCenter Sites is related to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, or modify data...

The vulnerability of the Security Framework component of the Oracle WebCenter Portal web platform allows a perpetrator to gain full control over the application.

The vulnerability of the Security Framework component of the Oracle WebCenter Portal is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...

The vulnerability of the Security Framework component of the Oracle WebCenter Portal web platform allows a perpetrator to gain full control over the application.

The vulnerability of the Security Framework component of the Oracle WebCenter Portal is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain full control over the application...

The vulnerability of the OIM Legacy UI component of the Oracle Identity Manager allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the OIM Legacy UI component of the Oracle Identity Manager is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protect...

The vulnerability of the software for data integration and analytics in Hitachi Vantara Pentaho Data Integration & Analytics lies in the improper assignment of permissions to critical resources. This allows attackers to gain access to read, modify, or delete data.

The vulnerability of the Hitachi Vantara Pentaho Data Integration & Analytics software for data integration and analysis is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability may allow an attacker operating remotely to gain access to read,...

The vulnerability of the strchr() function in the Squid proxy server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the strchr function in the Squid proxy server is related to the escape from memory buffer boundaries. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools system allows a hacker to gain full access to the system.

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools management system is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to gain full access to the system...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Client Bundle component in the Oracle WebCenter Enterprise Capture software suite allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Client Bundle component in the Oracle WebCenter Enterprise Capture software suite is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the WebCenter Sites component in the user-service provisioning application for the internet. Oracle WebCenter Sites allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the WebCenter Sites application component for online user services in Oracle WebCenter Sites relates to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the ADF Faces framework in the Oracle Application Development Framework allows a perpetrator to gain unauthorized access to read, update, add, or delete protected information.

The vulnerability of the ADF Faces framework in the Oracle Application Development Framework is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, update, add, or delete protected information...

The vulnerability of the WebCenter Sites component in the user-service provisioning application for the internet. Oracle WebCenter Sites allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the WebCenter Sites application component for online user services in Oracle WebCenter Sites is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Student Financials module of the Oracle PeopleSoft Enterprise Campus Solutions platform allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Student Financials module of the Oracle PeopleSoft Enterprise Campus Solutions platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

The vulnerability of the WebCenter Sites component in the user-service provisioning application for the internet. Oracle WebCenter Sites allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the WebCenter Sites application component for online user services in Oracle WebCenter Sites relates to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

The vulnerability of the EAI component in the Oracle Siebel CRM system, which manages relationships with customers, allows a hacker to gain full access to the system.

The vulnerability of the EAI component in the Oracle Siebel CRM system, which is responsible for managing relationships with customers, relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker operating remotely to gain full access to the system...

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Content Server component of the Oracle WebCenter Content user interaction platform is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images of Oracle WebCenter Content: Imaging, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Core component of corporate application software for storing, viewing, and processing graphic images in Oracle WebCenter Content: Imaging is related to the absence of authentication for a critical function. Exploiting this vulnerability can allow an attacker to compromise...

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools system allows a hacker to gain full access to the system.

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools management system is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to gain full access to the system...

The vulnerability of the Core connector component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Core connector component in Oracle Identity Manager, a software platform of Oracle Fusion Middleware, is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to manipulate the confidentiality and integrity of...

The vulnerability of the Setup and Administration component of the Oracle Advanced Inbound Telephony software, a part of the Oracle E-Business Suite, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Setup and Administration component of the Oracle Advanced Inbound Telephony software in the Oracle E-Business Suite relates to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to influence the confidentiality,...

The vulnerability of the Generic Unix Connector component in the Oracle Identity Manager Connector software suite for managing user accounts and access rights allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Generic Unix Connector component in the Oracle Identity Manager Connector software suite for managing user accounts and access rights is related to access control errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, a...

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools system allows a hacker to gain full access to the system.

The vulnerability of the Enterprise Infrastructure Security component of the JD Edwards EnterpriseOne Tools management system is related to the lack of authentication for critical functions. Exploiting this vulnerability could allow a malicious actor to gain full access to the system remotely...

The vulnerability of the Security Framework component of the Oracle Application Development Framework allows a perpetrator to gain unauthorized access for reading, updating, adding, or deleting protected information.

The vulnerability of the Security Framework component of the Oracle Application Development Framework is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, update, add, or delete protected information...

The vulnerability of LiteLLM’s proxy server, related to the use of an unprotected alternative channel, allows attackers to execute arbitrary code.

The vulnerability of the LiteLLM proxy server is related to the use of an unprotected alternative channel. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the console-based graphic editor ImageMagick, related to buffer overflow in the stack, allows a hacker to exploit it to disclose protected information.

The vulnerability of the console-based graphic editor ImageMagick is related to buffer overflows in the stack during the processing of MIFF format files Magick Image File Format. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Magick.NET library, a console-based graphic editor for ImageMagick, allows a hacker to induce a service failure.

The vulnerability of the Magick.NET library, a console-based graphic editor that uses ImageMagick, relates to reading data outside of the permitted range in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the ssh2_transport_read() function in the libssh2 library, which allows a hacker to execute arbitrary code.

The vulnerability of the ssh2transportread function in the libssh2 library is related to buffer overflows due to integer overflows. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using specially created SSH packets...

The vulnerability of the XML component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the XML component of the Oracle Database Server system is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the RDBMS component of the database management system Oracle Database Server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the RDBMS component of the database management system, Oracle Database Server, is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the cap_set_file() function in the libcap library, which allows a hacker to increase their privileges

The vulnerability of the capsetfile function in the libcap library is related to synchronization errors when using a common resource “Race Condition”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the built-in mobile security firewall Ivanti Sentry arises from the use of an alternative path or channel, which allows a intruder to elevate their privileges and gain full access to the device.

The vulnerability of the built-in mobile security firewall, Ivanti Sentry, relates to bypassing authentication using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain full access to the device...

The vulnerability of the TarFile.ExtractToDirectory method in the .NET software platform allows a malicious actor to gain access to and modify data.

The vulnerability of the TarFile.ExtractToDirectory method in the .NET software platform is related to the incorrect handling of symbolic links before accessing the file. Exploiting this vulnerability could allow an attacker to gain access to and modify data...

The vulnerability of the MagicYUV decoder on the FFmpeg media processing platform allows a hacker to execute arbitrary code.

The vulnerability of the MagicYUV decoder on the FFmpeg media processing platform relates to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created malicious media file...

The vulnerability of the gRPC-traffic routing function in the NGINX Gateway Fabric web server controller allows a attacker to cause a service failure.

The vulnerability of the gRPC-traffic routing function in the NGINX Gateway Fabric web server controller is related to improper array index checking. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the Go language-based HTTP/2 protocol implementation allows a attacker to cause a service failure.

The vulnerability in the HTTP/2 implementation using the Go programming language arises from executing a loop with an unreachable exit condition when processing the value of SETTINGSMAXFRAMESIZE, which is equal to 0. Exploiting this vulnerability could allow a remote attacker to cause a service...

The vulnerability of the console-based graphic editor ImageMagick, related to uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the console-based graphic editor ImageMagick is related to uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the MIFF encoder in the console-based image editing tool ImageMagick allows a hacker to trigger a service failure.

The vulnerability of the MIFF encoder in the console-based ImageMagick graphics editor is related to incorrect calculations of the buffer size allocated. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the graphics processor in Google Chrome browsers on Android operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the graphics processor in Google Chrome browsers on Android operating systems is related to the use of uninitialized variables. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HTML page...

The vulnerability of the JP2 image decoding decoder in the console-based image editing software ImageMagick allows a hacker to induce a service failure.

The vulnerability of the JP2 image decoding decoder in the console-based image editing software ImageMagick is related to a offset error of one unit. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the decoder in the MSL console-based image editing tool ImageMagick, which allows a hacker to trigger a service failure.

The vulnerability of the decoder in the MSL console-based image editing tool ImageMagick relates to the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the MIFF decoder in the console-based ImageMagick graphics editor allows a hacker to trigger a service failure.

The vulnerability of the MIFF decoder in the console-based ImageMagick graphics editor leads to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the urldecode() function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the urldecode function in the PHP programming language is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the mbregexuringencoding() function in the PHP interpreter allows a hacker to trigger a service failure.

The vulnerability of the mbregexuringencoding function in the PHP interpreter is related to discrepancies in the lists of encodings between the Oniguruma library and mbfl, as a result of a pointer assignment error. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Google Chrome browser’s Video component, which allows a hacker to obtain confidential information

The vulnerability of the Google Chrome browser’s Video component is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to obtain confidential information through a specially created HTML page...

The vulnerability of the Bluetooth component of Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the Bluetooth component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created HTML page...

The vulnerability of the Bluetooth component of Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the Bluetooth component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a specially created HTML page...

The vulnerability of the command-line interface (CLI) of the Cisco Umbrella Virtual Appliance allows a perpetrator to escalate their privileges and execute arbitrary commands.

The vulnerability of the CLI interface of the Cisco Umbrella Virtual Appliance lies in the lack of access control when using the vmadmin account. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary commands...