Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Portal. Date published : 2015-01-21 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securitytracker.com/id/1031577
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Portal SEC. Date published : 2015-01-21...
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AD_DDL....
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Date published : 2015-01-21 http://www.securityfocus.com/bid/72137 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 allows local users to affect confidentiality, integrity, and availability via vectors related to B2B Engine. Date published : 2015-01-21 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Unspecified vulnerability in the Recovery component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality via vectors related to DBMS_IR. Date published...
IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors. Date published : 2015-01-21 http://www-01.ibm.com/support/docview.wss?uid=swg1LI78291 http://www-01.ibm.com/support/docview.wss?uid=swg21694460
The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to...
Cross-site scripting (XSS) vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fs[resource] parameter in the...
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. Date published : 2015-01-21 http://www.securityfocus.com/bid/72074 http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3
The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathname in a filesystem:...
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive. Date published : 2015-01-21 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774716 http://www.openwall.com/lists/oss-security/2015/01/18/3
Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive. Date published : 2015-01-21 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774716 http://www.openwall.com/lists/oss-security/2015/01/18/3
Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive. Date published : 2015-01-21 http://www.securityfocus.com/bid/72111 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774989