Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the... weiterlesen

... weiterlesen

... weiterlesen

Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4 ) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated... weiterlesen

... weiterlesen

... weiterlesen

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. However, agents were still wrongly able to perform... weiterlesen

Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has logic to ensure that customer users are not able to see personal... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling... weiterlesen

... weiterlesen

An issue was discovered in Gajim through 1.4.7. The vulnerability allows attackers, via crafted XML stanzas, to correct messages that were not sent by... weiterlesen

... weiterlesen

An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP... weiterlesen

... weiterlesen

DOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having... weiterlesen

Chipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. Chipolo devices suffer from access revocation... weiterlesen

EC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. Exploiting... weiterlesen

ISAMS 22.2.3.2 is prone to stored Cross-site Scripting (XSS) attack on the title field for groups, allowing an attacker to store a JavaScript payload that... weiterlesen

JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation... weiterlesen

... weiterlesen

On Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task can be locked when there are frequent and continuous Wi-Fi... weiterlesen

SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows... weiterlesen

A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker... weiterlesen

Topic: Food Ordering Management System 1.0 SQL Injection Risk: Medium Text:# Exploit Title: Food Ordering Management System - SQL Injection # Google Dork:... weiterlesen

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion... weiterlesen

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames... weiterlesen

... weiterlesen

... weiterlesen

A vulnerability classified as critical has been found in Oracle Java SE 6u121/7u111/8u102. This affects an unknown part of the component Hotspot. The... weiterlesen

A vulnerability was found in Oracle FLEXCUBE Universal Banking up to 12.2.0 and classified as critical. This issue affects some unknown processing of... weiterlesen

A vulnerability classified as critical has been found in Oracle PeopleSoft Enterprise PeopleTools 8.54/8.55. Affected is an unknown function of the component... weiterlesen

A vulnerability was found in Oracle E-Business Suite 12.1.1/12.1.2/12.1.3/12.2.3/12.2.4. It has been rated as critical. This issue affects some unknown... weiterlesen

A vulnerability was found in Oracle E-Business Suite 12.1.1/12.1.2/12.1.3/12.2.3/12.2.4 and classified as critical. Affected by this issue is some unknown... weiterlesen

A vulnerability has been found in Oracle E-Business Suite 12.1.1/12.1.2/12.1.3/12.2.3/12.2.4 and classified as critical. Affected by this vulnerability... weiterlesen

mailcow is a mailserver suite. A vulnerability innversions prior to 2022-09 allows an attacker to craft a custom Swagger API template to spoof Authorize... weiterlesen

Orckestra C1 CMS is a .NET based Web Content Management System. A vulnerability in versions prior to 6.13 allows remote attackers to execute arbitrary... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

A vulnerability, which was classified as critical, was found in Oracle E-Business Suite 12.1.1/12.1.2/12.1.3/12.2.3/12.2.4. Affected is an unknown function... weiterlesen

A vulnerability, which was classified as critical, has been found in Oracle E-Business Suite 12.1.1/12.1.2/12.1.3/12.2.3/12.2.4. This issue affects some... weiterlesen

A vulnerability classified as critical has been found in Oracle FLEXCUBE Universal Banking up to 12.2.0. Affected is an unknown function of the component... weiterlesen

A vulnerability was found in Oracle Retail Xstore Payment 1.x. It has been rated as critical. This issue affects some unknown processing of the component... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been declared as critical. This vulnerability... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 and classified as critical. Affected by this issue... weiterlesen

A vulnerability was found in Oracle E-Business Suite 12.1.3/12.2.3/12.2.4/12.2.5/12.2.6. It has been rated as critical. Affected by this issue is some... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been declared as critical. Affected by this... weiterlesen

A vulnerability has been found in Oracle Solaris 11.3 and classified as critical. This vulnerability affects unknown code of the component Kernel Zones.... weiterlesen

A vulnerability classified as critical was found in Oracle PeopleSoft Enterprise PeopleTools 8.54/8.55. Affected by this vulnerability is an unknown functionality... weiterlesen

A vulnerability was found in Oracle Enterprise Session Border Controller up to Ecz7.3m2p2. It has been declared as critical. This vulnerability affects... weiterlesen

A vulnerability, which was classified as critical, has been found in Oracle Enterprise Session Border Controller up to Ecz7.3m2p2. This issue affects... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been rated as critical. Affected by this... weiterlesen

A vulnerability classified as critical has been found in Oracle FLEXCUBE Universal Banking 11.3.0/11.4.0/12.0.1/12.0.2/12.0.3. Affected is an unknown... weiterlesen

A vulnerability, which was classified as problematic, was found in Oracle Enterprise Session Border Controller up to Ecz7.3m2p2. Affected is an unknown... weiterlesen

A vulnerability, which was classified as problematic, has been found in Oracle Enterprise Session Border Controller up to Ecz7.3m2p2. This issue affects... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been declared as problematic. Affected by... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been classified as problematic. Affected... weiterlesen

A vulnerability, which was classified as problematic, was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. This affects... weiterlesen

A vulnerability, which was classified as problematic, has been found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. Affected... weiterlesen

A vulnerability classified as problematic has been found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. Affected is an unknown... weiterlesen

A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/... weiterlesen

A vulnerability, which was classified as problematic, was found in Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15. Affected is an unknown function of... weiterlesen

A vulnerability, which was classified as problematic, has been found in Oracle Solaris 10/11.3. This issue affects some unknown processing of the component... weiterlesen

A vulnerability was found in Oracle MySQL Server up to 5.7.13 and classified as problematic. Affected by this issue is some unknown functionality of the... weiterlesen

... weiterlesen

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX... weiterlesen

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL... weiterlesen

... weiterlesen

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products... weiterlesen

A vulnerability, which was classified as problematic, was found in Oracle MySQL Server up to 5.7.13. Affected is an unknown function of the component... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been declared as problematic. Affected by... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1. It has been classified as problematic. Affected... weiterlesen

A vulnerability was found in Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 and classified as problematic. This issue affects... weiterlesen

A vulnerability, which was classified as problematic, has been found in Oracle FLEXCUBE Universal Banking up to 12.2.0. Affected by this issue is some... weiterlesen

A vulnerability classified as problematic was found in Oracle FLEXCUBE Universal Banking up to 12.2.0. Affected by this vulnerability is an unknown functionality... weiterlesen

... weiterlesen

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon... weiterlesen

... weiterlesen

Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.... weiterlesen

... weiterlesen

Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions... weiterlesen

... weiterlesen

Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted... weiterlesen

... weiterlesen

... weiterlesen

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially... weiterlesen

... weiterlesen

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to... weiterlesen