Lucene search
K

1367 matches found

OSV
OSV
added 2021/10/20 11:17 a.m.1 views

UBUNTU-CVE-2021-35623

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

2.7CVSS6.5AI score0.01342EPSS
Exploits0References4
OSV
OSV
added 2021/10/20 11:16 a.m.2 views

CVE-2021-35571

Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft component: Advising Notes. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.4CVSS6.7AI score0.0057EPSS
Exploits0References1
OSV
OSV
added 2021/10/20 11:16 a.m.2 views

CVE-2021-35545

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6.7CVSS6.9AI score0.0039EPSS
Exploits0References2
CNVD
CNVD
added 2021/10/20 12:0 a.m.17 views

Oracle Secure Global Desktop Unauthorized Access Vulnerability

Oracle Secure Global Desktop is a secure remote access solution for any cloud-hosted enterprise applications and hosted desktops running on Microsoft Windows, Linux, Oracle Solaris, and mainframe servers. oracle Secure Global Desktop Unauthorized Access Vulnerability. An attacker could use this...

5.5CVSS2.5AI score0.00779EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.2 views

Oracle Essbase 安全漏洞

Oracle Essbase is an application from Oracle Corporation Oracle. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase's Essbase Administration Services product that...

5.3CVSS6.7AI score0.01134EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.3 views

AUVESY Versiondog 缓冲区错误漏洞

An out-of-bounds read vulnerability exists in AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, which can be exploited by attackers to specify any offset and read out-of-bounds data...

5.7CVSS5.6AI score0.00637EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/19 12:0 a.m.2 views

PT-2021-21021 · Oracle +8 · Mysql Server +7

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.26 and prior Description: A vulnerability in the MySQL Server product allows a high privileged attacker with network access via multiple protocols to compromise the server. Successful attacks can result in unauthoriz...

10CVSS6.5AI score0.87816EPSS
Exploits22References830
CNVD
CNVD
added 2021/10/13 12:0 a.m.6 views

Samsung Notes libSPenBase buffer overflow vulnerability (CNVD-2025-24720)

Samsung Notes is an application from Samsung South Korea. It is used to provide a recording function. A buffer overflow vulnerability exists in Samsung Note versions prior to 4.3.02.61, which stems from a lack of buffer bounds checking in the libSPenBase library, and can be exploited by an attack...

7.1CVSS7.2AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2021/10/12 3:15 p.m.3 views

CVE-2021-40497

SAP BusinessObjects Analysis edition for OLAP - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation could lead to exposure of some system specific data like its...

5.3CVSS5.8AI score0.00823EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/12 12:0 a.m.1 views

nodejs 环境问题漏洞

nodejs is a JavaScript runtime environment based on the ChromeV8 engine by wrapping the Chromev8 engine as well as the use of event-driven and non-blocking IO applications to make the development of high-performance backend applications in Javascript possible. Nodejs An environment issue...

6.5CVSS7.1AI score0.02299EPSS
Exploits1References28
CNVD
CNVD
added 2021/10/08 12:0 a.m.17 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09855)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that stems from the inability of the ""tf.rawops.RaggedGather"" parameter in the software to determine a valid ragged tensor code,...

7.3CVSS7AI score0.00167EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/09/21 10:13 a.m.4 views

mysql: Server: GIS unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

8CVSS7.2AI score0.01729EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/09/16 12:15 p.m.3 views

CVE-2021-40066

The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and...

5.3CVSS5.8AI score0.00559EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/31 12:0 a.m.26 views

Solarwinds Orion Platform SQL注入漏洞

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and profiling of network devices and supports custom web interfaces, multiple user opinions, and map-based browsing of the entire network. The...

9CVSS5.6AI score0.01642EPSS
Exploits0References6
CVE
CVE
added 2021/08/12 8:25 p.m.80 views

CVE-2021-37655

CVE-2021-37655 describes a heap-based read out of bounds in TensorFlow caused by incomplete validation when updating a resource with tf.raw_ops.ResourceScatterUpdate. The issue stems from validating the relationship between the shapes of indices and updates (only divisibility checked instead of p...

7.3CVSS7.3AI score0.00167EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/07/23 12:0 a.m.6 views

PT-2021-6423 · Mysql Server +1 · Mysql Cluster +1

Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 7.5.24 and prior MySQL Cluster versions 7.6.20 and prior MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attacker with access to the physical communication segment attached to the...

10CVSS6.3AI score0.87816EPSS
Exploits22References425
Positive Technologies
Positive Technologies
added 2021/07/23 12:0 a.m.5 views

PT-2021-6430 · Oracle +1 · Mysql Cluster +1

Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 7.4.34 and prior MySQL Cluster versions 7.5.24 and prior MySQL Cluster versions 7.6.20 and prior MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attacker with access to the physic...

10CVSS6.3AI score0.87816EPSS
Exploits22References425
Positive Technologies
Positive Technologies
added 2021/07/23 12:0 a.m.6 views

PT-2021-6426 · Oracle +1 · Mysql Cluster +1

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Cluster versions 7.4.34 and prior Oracle MySQL Cluster versions 7.5.24 and prior Oracle MySQL Cluster versions 7.6.20 and prior Oracle MySQL Cluster versions 8.0.27 and prior Description: The issue allows a high-privileged attack...

10CVSS6.3AI score0.87816EPSS
Exploits22References425
OSV
OSV
added 2021/07/21 3:15 p.m.1 views

CVE-2021-2401

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: E-Business Suite - XDO. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...

5.3CVSS7.3AI score0.8482EPSS
Exploits0References2
OSV
OSV
added 2021/07/21 3:15 p.m.4 views

CVE-2021-2373

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

5.4CVSS6.7AI score
Exploits0References1
Rows per page
Query Builder