Lucene search
+L

4430 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.3 views

CVE-2021-2258

Vulnerability in the Oracle Projects product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Projects...

8.1CVSS6.6AI score0.00987EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:51 a.m.13 views

CVE-2021-2096

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Shopping Cart. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...

8.2CVSS7.3AI score0.01169EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/09 5:26 a.m.9 views

Security Bulletin: JSSE Vulnerability in Oracle Java SE and GraalVM Products, affects watsonx.data

Summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 a...

4.8CVSS5.3AI score0.00381EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/01/07 3:9 p.m.8 views

mysql: mariadb: mysqldump unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

6.8CVSS5.8AI score0.00431EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.28 views

PT-2026-34072

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u481 and 8u481-b50 Oracle GraalVM Enterprise Edition version 21.3.17 Description An issue in the Hotspot component allows a low privileged attacker with logon access to the infrastructure to compromise the system...

6CVSS7.7AI score0.00101EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-34165

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6 Description An issue in the Core component allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful exploitation can lead to...

5CVSS7.6AI score0.00096EPSS
Exploits0References4
OSV
OSV
added 2025/11/17 4:48 p.m.7 views

CVE-2025-62519 phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...

7.2CVSS9AI score0.00755EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/17 4:48 p.m.13 views

CVE-2025-62519 phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...

7.2CVSS0.00755EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/11/17 9:55 a.m.4 views

openjdk: Enhance String handling (Oracle CPU 2025-10)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15...

3.7CVSS5.8AI score0.00355EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/17 9:55 a.m.4 views

openjdk: Enhance certificate handling (Oracle CPU 2025-10)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracl...

5.9CVSS7.2AI score0.00487EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/12 12:0 a.m.3 views

CVE-2025-56385

A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to...

7.7AI score0.00413EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.5 views

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2025-1244)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1244 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

7.5CVSS7.3AI score0.00633EPSS
Exploits0References6
Amazon
Amazon
added 2025/10/27 12:0 a.m.8 views

Medium: java-21-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 a...

7.5CVSS6.3AI score0.00633EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.16 views

Oracle Essbase Multiple Vulnerabilities (October 2025 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the October 2025 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Security and Provisioning Bouncy Castle Java Library. The supported version that is...

8.1CVSS6.9AI score0.08665EPSS
Exploits4References13
NCSC
NCSC
added 2025/10/23 1:53 p.m.7 views

Vulnerabilities fixed in Oracle JD Edwards EnterpriseOne Tools

Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Tools Specifically for versions 9.2.0.0 to 9.2.9.4. The vulnerabilities in JD Edwards EnterpriseOne Tools allow unauthenticated attackers to compromise the system via HTTP, which can lead to unauthorized access and modification of...

10CVSS6.8AI score0.23932EPSS
Exploits3References1
NCSC
NCSC
added 2025/10/23 1:51 p.m.11 views

Vulnerabilities fixed in Oracle Java

Oracle has fixed vulnerabilities in Oracle Java SE and Oracle GraalVM Specifically for versions 21.0.8 and 25 of Oracle Java SE, and version 21.3.15 of Oracle GraalVM Enterprise Edition. The vulnerabilities allow unauthenticated attackers with network access to compromise systems, which can lead ...

7.5CVSS6.8AI score0.01011EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/10/22 8:28 p.m.3 views

openjdk: Enhance certificate handling (Oracle CPU 2025-10)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracl...

5.9CVSS7.2AI score0.00487EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
added 2025/10/22 12:0 a.m.10 views

Duplicate

This advisory duplicates another...

5.9AI score
Exploits0References4Affected Software1
OSV
OSV
added 2025/10/21 8:20 p.m.4 views

CVE-2025-62592

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS5.8AI score0.00183EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 8:20 p.m.5 views

CVE-2025-53043

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

8.1CVSS0.00348EPSS
Exploits0References1
Rows per page
Query Builder