| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Reporting and Analytics. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H). |
| Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupplier Portal. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iSupplier Portal accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). |
| Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Supported versions that are affected are 12.0.0.3.0-12.0.0.7.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Communications BRM - Elastic Charging Engine executes to compromise Oracle Communications BRM - Elastic Charging Engine. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communications BRM - Elastic Charging Engine accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). |
| Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions. |
| Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. |
| Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. |
| Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. |
| Memory corruption in Graphics while importing a file. |
| Memory Corruption while accessing metadata in Display. |
| Transient DOS while parsing WLAN beacon or probe-response frame. |
| Transient DOS in WLAN Firmware while parsing FT Information Elements. |
| Transient DOS in WLAN Firmware while processing frames with missing header fields. |
| Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. |
| Memoru corruption in Audio when ADSP sends input during record use case. |
| Memory corruption in WLAN HOST while receiving an WMI event from firmware. |
| Memory corruption in Audio while validating and mapping metadata. |
| Memory corruption in Audio during playback session with audio effects enabled. |
| Transient DOS in Modem while processing RRC reconfiguration message. |
| Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. |
| Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. |