Category: CVE Validated

CVE-2018-1000613 (api_gateway, banking_platform, business_process_management_suite, business_transaction_management, communications_application_session_controller, communications_converged_application_server, communications_convergence, communications_diameter_signaling_router, communications_webrtc_session_controller, data_integrator, enterprise_manager_base_platform, enterprise_manager_for_fusion_middleware, enterprise_repository, leap, legion-of-the-bouncy-castle-java-crytography-api, managed_file_transfer, oncommand_workflow_automation, peoplesoft_enterprise_peopletools, retail_convenience_and_fuel_pos_software, retail_xstore_point_of_service, soa_suite, utilities_network_management_system, webcenter_portal, weblogic_server)

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’)...

Read More

CVE-2017-6490 (epesi)

Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (cid, value, element, mode, tab, form_name, id) passed to the...

Read More
Loading