Khaled Sakr

**Name of the Vulnerable Software and Affected Versions** PeopleSoft Enterprise SCM Purchasing version 9.2 **Description** The issue is related to insufficient access controls in the Purchasing component of Oracle PeopleSoft Enterprise SCM Purchasing. This can be exploited by a remote attacker to gain unauthorized access to protected information via the HTTP protocol. Successful attacks may require human interaction and can significantly impact additional products, resulting in unauthorized access to update, insert, or delete data, as well as read access to a subset of accessible data. **Recommendations** For version 9.2, consider restricting access to the Purchasing component to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the use of HTTP protocol for sensitive operations. Ensure that all users with access to the PeopleSoft Enterprise SCM Purchasing product have the least privileges necessary to perform their tasks, reducing the potential impact of a successful attack.

**Name of the Vulnerable Software and Affected Versions** libssh versions prior to 0.9.3 libssh versions prior to 0.8.8 **Description** A flaw was found in the libssh API function `ssh scp new()` that allows an attacker to inject arbitrary commands when the libssh SCP client connects to a server. This is possible if the library is used in a way where users can influence the third parameter of the `ssh scp new()` function, leading to a compromise of the remote target. The issue is related to the lack of data sanitization at the management level, which can allow a remote attacker to execute arbitrary code. **Recommendations** For versions prior to 0.9.3, update to version 0.9.3 or later to resolve the issue. For versions prior to 0.8.8, update to version 0.8.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `ssh scp new()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SQLite version 3.30.1 **Description** The issue is related to the `exprListAppendList` function in SQLite, which can cause an invalid pointer dereference due to the mishandling of constant integer values in ORDER BY clauses of window definitions. This can lead to a denial of service. The estimated number of potentially affected devices is not specified. **Recommendations** For SQLite version 3.30.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JDeveloper and ADF versions 11.1.1.9.0 through 12.2.1.3.0 **Description** The issue is related to insufficient access control in the OAM component of Oracle JDeveloper and ADF, allowing a remote attacker to gain unauthorized access to protected information via the HTTP protocol. The attack requires human interaction from someone other than the attacker and can result in unauthorized read access to a subset of accessible data. **Recommendations** For versions 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.3.0, consider restricting access to the OAM component until a patch is available. As a temporary workaround, consider disabling the vulnerable OAM component to minimize the risk of exploitation. Restrict network access via HTTP to the Oracle JDeveloper and ADF product to reduce the attack surface.

**Name of the Vulnerable Software and Affected Versions** SQLite versions 3.30.1 and earlier **Description** The issue is related to errors in handling numbers, which can be exploited by a remote attacker to cause a denial of service. It is also reported that certain SELECT statements with a nonexistent VIEW can lead to an application crash. **Recommendations** For SQLite version 3.30.1 and earlier, update to a newer version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions 1.1.1 through 1.1.1b OpenSSL versions 1.1.0 through 1.1.0j **Description** The issue is related to the ChaCha20-Poly1305 cipher in OpenSSL, which requires a unique nonce input for every encryption operation. According to RFC 7539, the nonce value should be 96 bits (12 bytes). However, OpenSSL allows a variable nonce length and incorrectly permits a nonce to be set of up to 16 bytes, where only the last 12 bytes are significant and any additional leading bytes are ignored. This can lead to serious confidentiality and integrity attacks if an application reuses a nonce value. The estimated number of potentially affected devices is not provided. **Recommendations** For OpenSSL versions 1.1.1 through 1.1.1b, update to version 1.1.1c to resolve the issue. For OpenSSL versions 1.1.0 through 1.1.0j, update to version 1.1.0k to resolve the issue. As a temporary workaround, consider restricting the use of the ChaCha20-Poly1305 cipher with non-default nonce lengths to minimize the risk of exploitation. Avoid using the `nonce` variable in the affected API endpoint until the issue is resolved.