BIT-JAVA-2021-2388
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...
BIT-JAVA-MIN-2021-2341
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows...
PT-2026-37708
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows...
PT-2026-37709
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...
CVE-2026-21346
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21347 Bridge | Integer Overflow or Wraparound (CWE-190)
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-21346 Bridge | Out-of-bounds Write (CWE-787)
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
F5 Networks BIG-IP : CGNAT LSN vulnerability (K04048104)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.3.1 / 15.1.1 / 16.0.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K04048104 advisory. - On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5...
openssl security update
3.0.7-16.0.1 - Replace upstream references Orabug: 34340177...
GitLab < 16.0.1 (CVE-2023-2825)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an...
CVE-2023-29194
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
CVE-2023-29194 vitess allows users to create keyspaces that can deny access to already existing keyspaces
Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...
PT-2023-2849 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 16.0.0 Description: The issue is related to a path traversal vulnerability that allows an unauthenticated malicious user to read arbitrary files on the server when an attachment exists in a public project nested within at leas...
PT-2023-22193 · Vitess · Vitess
Name of the Vulnerable Software and Affected Versions: Vitess versions prior to 16.0.1 Description: The issue arises when a keyspace containing / characters is created, intentionally or inadvertently, causing errors when attempting to view keyspaces from VTAdmin or when using vtctldclient...
SUSE CVE-2019-15623
Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send its domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled...
Dolibarr SQL injection vulnerability
Dolibarr is a software application. It can help you manage the activities of your organization. An SQL injection vulnerability exists in dolibarrerp/crm 16.0.1, version 16.0.2, which stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit the...
CVE-2022-4093
CVE-2022-4093 describes an SQL injection vulnerability in Dolibarr ERP/CRM specifically in the internal components (e.g., dolibarr_erp/crm) that affects versions 16.0.1 and 16.0.2; 16.0.0 or lower, and 16.0.3 or higher are not affected. The root cause is a lack of validation of externally entered...