Lucene search
+L

21 matches found

CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

Oracle多款产品 安全漏洞

Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...

3.7CVSS7.2AI score0.00269EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.13 views

CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

7.5CVSS6.3AI score0.00767EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.12 views

CVE-2021-22342

There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions...

4.9CVSS6.5AI score0.00563EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-43072

Malicious code in bioql PyPI...

3.3CVSS4.8AI score0.00285EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-51168

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01074EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/14 7:38 a.m.5 views

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager is vulnerable to multiple vulnerabilities.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Tivoli Application Dependency Discovery Manager TADDM. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a...

7.8CVSS7.7AI score0.00784EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 8:3 p.m.12 views

CVE-2021-37127

There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product version...

9CVSS6.9AI score0.00693EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 p.m.7 views

CVE-2020-1801

There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro...

5.5CVSS6.7AI score0.00591EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:53 p.m.12 views

CVE-2020-9071

There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cau...

6.5CVSS6.7AI score0.00634EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.7 views

CVE-2020-1793

There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Ma...

4.6CVSS7.2AI score0.00245EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:16 p.m.8 views

CVE-2020-1866

There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions...

6.5CVSS7AI score0.00351EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/25 9:52 a.m.8 views

Security Bulletin: IBM JRS (Jazz Reporting Service) uses a web link with untrusted references to an external site.

Summary IBM JRS Jazz Reporting Service uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims' web browser. The web application produces links to untrusted...

9.8CVSS6.4AI score0.0034EPSS
Exploits0Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2025/01/08 6:13 p.m.35 views

CVE-2025-0282: Ivanti Connect Secure Zero-Day Exploited in the Wild

On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is ...

9CVSS8.6AI score0.99971EPSS
Exploits13
ICS
ICS
added 2023/12/07 7:0 a.m.47 views

Schweitzer Engineering Laboratories SEL-411L

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL-411L Vulnerability : Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability...

6.1CVSS5.6AI score0.0039EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/06/16 12:54 p.m.11 views

CVE-2022-48472

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211...

8.1AI score0.01074EPSS
Exploits0References1
NVD
NVD
added 2021/11/23 4:15 p.m.28 views

CVE-2021-37102

There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful...

9CVSS0.00946EPSS
Exploits0References1
NVD
NVD
added 2021/08/02 5:15 p.m.25 views

CVE-2021-22396

There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280...

7.8CVSS0.00148EPSS
Exploits0References1
NVD
NVD
added 2020/05/21 3:15 p.m.27 views

CVE-2020-9069

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than...

6.5CVSS6.3AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2020/03/20 4:15 p.m.31 views

CVE-2020-1879

There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions...

3.9CVSS4.2AI score0.00149EPSS
Exploits0References2
Prion
Prion
added 2020/02/28 7:15 p.m.21 views

Improper access control

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain proce...

2.1CVSS5.4AI score0.00199EPSS
Exploits0References1Affected Software3
Rows per page
Query Builder