Aggregator

一个被 Google 标记为 "不予修复" 的安全隐患

OpenCyvis 2.0 发布：新增标准安装模式，不需要刷机，下载 APK 配对即用。支持 IM 远程控制、定时例行任务、多模型切换。

A vulnerability marked as very critical has been reported in Oracle Retail Assortment Planning 15.0.3/16.0.3. Affected is an unknown function of the component Application Core. Performing a manipulation results in information disclosure. This vulnerability is identified as CVE-2020-1945. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as very critical has been identified in Oracle Retail Bulk Data Integration 15.0/16.0. Affected by this vulnerability is an unknown functionality of the component BDI Job Scheduler. Executing a manipulation can lead to information disclosure. This vulnerability is tracked as CVE-2020-1945. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as very critical has been found in Oracle Retail Data Extractor for Merchandising 1.9/1.10. Affected by this issue is some unknown functionality of the component ODI Knowledge Module. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2020-1945. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability labeled as very critical has been found in Oracle Enterprise Repository 11.1.1.7.0. Affected by this issue is some unknown functionality of the component Security Subsystem. The manipulation results in information disclosure. This vulnerability is known as CVE-2020-1945. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as very critical, was found in Oracle Retail Financial Integration 15.0/16.0. Affected by this issue is some unknown functionality of the component PeopleSoft Integration. The manipulation results in information disclosure. This vulnerability is reported as CVE-2020-1945. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability labeled as very critical has been found in Oracle Category Management Planning and Optimization 15.0.3. This impacts an unknown function of the component ODI Integration. Such manipulation leads to information disclosure. This vulnerability is referenced as CVE-2020-1945. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability identified as very critical has been detected in Oracle Endeca Information Discovery Studio 3.2.0. Affected by this vulnerability is an unknown functionality of the component Studio. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2020-1945. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

Поддержка предлагает новые серверы в других локациях, пока пользователи жалуются на исчезнувшие проекты и недоступные бэкапы/

A vulnerability marked as critical has been reported in Oracle Banking Enterprise Collections 2.7.0/2.8.x/2.9.0. This issue affects some unknown processing of the component Installer. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2020-1945. The attack can only be executed locally. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Oracle Banking Platform up to 2.9.0. Impacted is an unknown function of the component Installer. Such manipulation leads to information disclosure. This vulnerability is referenced as CVE-2020-1945. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Oracle Financial Services Analytical Applications Infrastructure up to 8.1.0. It has been rated as very critical. Affected by this vulnerability is an unknown functionality of the component Infrastructure. Performing a manipulation results in information disclosure. This vulnerability is known as CVE-2020-1945. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability categorized as very critical has been discovered in Oracle FLEXCUBE Investor Servicing 12.1.0/12.3.0/12.4.0/14.0.0/14.1.0. Affected by this issue is some unknown functionality of the component Infrastructure. Executing a manipulation can lead to information disclosure. This vulnerability is handled as CVE-2020-1945. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as very critical has been detected in Oracle FLEXCUBE Private Banking 12.0.0/12.1.0. This affects an unknown part of the component Utilities. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-1945. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Oracle Communications Order and Service Management 7.3/7.4. Affected by this vulnerability is an unknown functionality of the component Installer. This manipulation causes information disclosure. This vulnerability is registered as CVE-2020-1945. The attack needs to be launched locally. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as very critical has been discovered in Oracle Primavera Unifier up to 19.12. This affects an unknown function of the component Core. The manipulation results in information disclosure. This vulnerability is identified as CVE-2020-1945. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Oracle Enterprise Manager Ops Center 12.4.0.0. This affects an unknown part of the component Networking. This manipulation causes information disclosure. This vulnerability is registered as CVE-2020-1945. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability has been found in Oracle Communications MetaSolv Solution 6.3.0 and classified as very critical. Impacted is an unknown function of the component Online Help. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2020-1945. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]