Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

4.3CVSS7.3AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.6 views

PT-2026-33789

Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint GET /internal/transcripts/meeting id that returns transcript data for any meeting without any authentication or...

7.5CVSS5.7AI score0.00402EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.7 views

CVE-2019-2561

Vulnerability in the Oracle Retail Xstore Office component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 7.0 and 7.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reta...

8.2CVSS6.8AI score0.01396EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-28119

Malware in sbrugna...

7.5CVSS7.5AI score0.01237EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-0107

Malware in sbrugna...

5CVSS6.3AI score0.01916EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the ec_glob() function in the EditorConfig code library allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ecglob function in the EditorConfig code library is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service failures...

7.8CVSS7.6AI score0.00965EPSS
Exploits1References7Affected Software3
Cvelist
Cvelist
added 2025/03/03 7:57 p.m.10 views

CVE-2024-51958 Directory traversal vulnerability in the admin api for service thumbnails

There is a path traversal vulnerability in ESRI ArcGIS Server versions 11.3 and below. Successful exploitation may allow a remote authenticated attacker with admin privileges to traverse the file system to access files outside of the intended directory. There is no impact to integrity or...

4.9CVSS0.00562EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.7 views

The vulnerability of the subtitle rendering components in Microsoft Edge and Google Chrome allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the subtitle rendering components in Microsoft Edge and Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

10CVSS7.6AI score0.0083EPSS
Exploits0References9Affected Software5
Positive Technologies
Positive Technologies
added 2024/04/01 12:0 a.m.3 views

PT-2024-4250

Name of the Vulnerable Software and Affected Versions Pillow versions prior to 10.3.0 Description A buffer overflow exists in the imagingcms.c file of the Pillow library due to the use of strcpy instead of strncpy. This issue can allow an attacker to impact the confidentiality, integrity, and...

7.3CVSS6.8AI score0.00989EPSS
Exploits0References86
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.7 views

The vulnerability of the URI_FUNC() function in the UriParse.c component of the UriParser parser allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the URIFUNC function in the UriParse.c component of the UriParser parser is related to reading data beyond the allowable buffer size limits. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

10CVSS7.1AI score0.0205EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.5 views

The vulnerability of the bfd_cache_close function in the bfd/cache.c component of the GNU Binutils development environment allows a perpetrator to access confidential data, compromise its integrity, and cause service failure.

The vulnerability of the bfdcacheclose function in the bfd/cache.c component of the GNU Binutils development environment is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause...

10CVSS7AI score0.01989EPSS
Exploits0References6Affected Software2
Positive Technologies
Positive Technologies
added 2023/10/13 12:0 a.m.3 views

PT-2023-6219 · Nextcloud +2 · Nextcloud Enterprise Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.8 Nextcloud Server versions 26.0.0 through 26.0.3 Nextcloud Enterprise Server versions 22.0.0 through 22.2.10.13 Nextcloud Enterprise Server versions 23.0.0 through 23.0.12.8 Nextcloud Enterprise...

9.8CVSS5.9AI score0.01041EPSS
Exploits6References94
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.5 views

The vulnerability of the PHP programming language, related to the use of insufficiently random values, allows attackers to gain access to confidential data.

The vulnerability of the PHP programming language lies in the use of a random number generator that operates within a narrow range of values. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

4.3CVSS5.9AI score0.00709EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2023/09/19 12:0 a.m.7 views

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data, allowing a perpetrator to access confidential information.

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

5.9CVSS6.2AI score0.00295EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.6 views

PT-2023-4247 · Sap · Sap Hybris Commerce +1

Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions HY COM 2105, HY COM 2205, COM CLOUD 2211 SAP Hybris Commerce versions HY COM 2105, HY COM 2205 Description: The issue is related to the implementation of the Omni Commerce Connect OCC API in SAP Commerce Cloud and...

7.5CVSS7AI score0.00435EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2023/01/12 9:42 a.m.4 views

Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk

Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files a...

8.8CVSS6.7AI score0.01659EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.4 views

PT-2022-5030

Name of the Vulnerable Software and Affected Versions SIMATIC Drive Controller family versions prior to V2.9.2 SIMATIC ET 200SP Open Controller CPU 1515SP PC versions prior to V21.9 SIMATIC ET 200SP Open Controller CPU 1515SP PC2 versions prior to V21.9 SIMATIC S7-1200 CPU family versions prior t...

9.3CVSS7.5AI score0.00217EPSS
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.7 views

The vulnerability of Xen hypervisors on x86 Intel systems, related to the lack of a mechanism for managing privileges, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of Xen hypervisors on x86 Intel systems is related to the lack of a mechanism for managing privileges. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures...

7.8CVSS7.2AI score0.00356EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.6 views

The vulnerabilities of the `cdf_read_sat`, `cdf_read_long_sector_chain`, and `cdf_read_ssat` functions, which are utilities for determining the type of specified files in a File object. These vulnerabilities are related to buffer overflows in memory, allowing attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerabilities of the cdfreadsat, cdfreadlongsectorchain, and cdfreadssat functions, which are used to determine the type of the specified files, are related to buffer overflows in memory. Exploiting these vulnerabilities can allow an attacker to gain access to confidential data, compromise...

9.8CVSS8.1AI score0.01134EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/09/15 12:0 a.m.8 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to memory management after it is released. These vulnerabilities allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to the use of memory after it is released. Exploiting the...

7.8CVSS7.2AI score0.03919EPSS
Exploits0References3
Rows per page
Query Builder