Lucene search
K

4742 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.12 views

CVE-2026-34289

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...

5.9CVSS7.4AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34294

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...

5.9CVSS7.3AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-9234

The JTL-Connector for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.4.1. This is due to missing capability checks and nonce verification on the adminpostsettingssavewoo-jtl-connector action handled by JtlConnectorAdmin::save and on the...

4.3CVSS5.6AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.11 views

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.5AI score0.00499EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.9 views

CVE-2026-4353

The CI HUB Connector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the cihubmetadata shortcode in all versions up to, and including, 1.2.106 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

6.4CVSS5.7AI score0.00245EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

6.5CVSS5.5AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.12 views

CVE-2026-34287

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...

9.1CVSS7.1AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.12 views

CVE-2026-34286

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...

9.1CVSS7.1AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-34290

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle Identity Manager...

7.5CVSS7.3AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.12 views

CVE-2026-34285

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...

9.1CVSS7.1AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.11 views

CVE-2026-46819

Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

9.1CVSS5.5AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 5:38 a.m.10 views

BIT-ACTIVEMQ-2026-49270 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)

Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurableSubs set to true, are vulnerable to an unauthenticated attacker who can receive a list of all...

5.9CVSS5.4AI score0.00328EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.28 views

Oracle E-Business Suite (May 2026 CSPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the May 2026 CSPU advisory. - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected...

9.9CVSS5.8AI score0.00677EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.18 views

Apache ActiveMQ 5.14.x < 5.19.7 / 6.x < 6.2.6 Information Disclosure

The version of Apache ActiveMQ running on the remote host is 5.14.x prior to 5.19.7 or 6.x prior to 6.2.6. It is, therefore, affected by an information disclosure vulnerability: - Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache...

5.9CVSS5.6AI score0.00328EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.12 views

Kibana 9.3.x < 9.3.3 SSRF (ESA-2026-40)

The version of Kibana installed on the remote host is 9.3.x prior to 9.3.3. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-40 advisory. - Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the...

7.7CVSS5.5AI score0.00199EPSS
Exploits0References2
OSV
OSV
added 2026/06/03 6:56 p.m.5 views

ROOT-APP-PYPI-CVE-2025-5279 CVE-2025-5279 in rootio-redshift-connector - Patched by Root

Root has patched CVE-2025-5279 in the rootio-redshift-connector package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.00251EPSS
Exploits0
CVE
CVE
added 2026/06/03 3:49 p.m.23 views

CVE-2026-46245

CVE-2026-46245 affects the AMDGPU display driver in the Linux kernel. The vulnerability arises in amdgpu_dm_hpd_init() where a NULL dc_link could be dereferenced while setting up HPD interrupts, despite an earlier check for polling decisions. The provided patch assigns dc_link early and skips con...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and extcon processing in the power supply pm8916lbc module. Th...

7.8CVSS5.3AI score0.00125EPSS
Exploits0References4
NVD
NVD
added 2026/06/02 9:16 a.m.15 views

CVE-2026-9234

The JTL-Connector for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.4.1. This is due to missing capability checks and nonce verification on the adminpostsettingssavewoo-jtl-connector action handled by JtlConnectorAdmin::save and on the...

4.3CVSS0.00198EPSS
Exploits0References6
CVE
CVE
added 2026/06/02 7:48 a.m.25 views

CVE-2026-9234

The CVE-2026-9234 entry identifies a vulnerability in the WordPress plugin JTL-Connector for WooCommerce (versions up to and including 2.4.1). The issue is Missing Authorization on three actions: admin_post_settings_save_woo-jtl-connector, and the AJAX actions wp_ajax_downloadJTLLogs and wp_ajax_...

4.3CVSS5.9AI score0.00198EPSS
Exploits0References6
Rows per page
Query Builder