CVE-2022-21500 : Oracle Security Alert Advisory

Description

This Security Alert addresses vulnerability CVE-2022-21500, which affects some deployments of Oracle E-Business Suite. This vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in the exposure of personally identifiable information (PII).

Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.

Oracle SaaS cloud environments are not affected by this vulnerability. This vulnerability could affect the E-Business Suite deployments of Oracle Managed Cloud Services customers. Oracle Managed Cloud Services customers should consult their account team for assistance.

For more information

https://www.oracle.com/security-alerts/alert-cve-2022-21500.html

Contact us to get started

CVE-2024-20418 : CISCO IOS XE CONTROLLER WEB-BASED MANAGEMENT INTERFACE COMMAND INJECTION

Description A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB)

Learn more

CVE-2024-20536 : CISCO DATA CENTER NETWORK MANAGER 12.1.2E/12.1.2P/12.1.3B WEB-BASED MANAGEMENT INTERFACE/REST API ENDPOINT SQL INJECTION

Description A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could

Learn more

CVE-2024-50340 : SYMFONY INJECTION

Description symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the

Learn more