Lucene search
K

721 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.6 views

CVE-2021-2085

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CR...

8.2CVSS7.3AI score0.01169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.7 views

CVE-2021-2318

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

9.1CVSS7.2AI score0.01074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:21 p.m.10 views

CVE-2020-14795

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS6.4AI score0.01621EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:21 p.m.11 views

CVE-2020-14736

Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Public Synonym privilege with network access via Oracle Net to compromi...

6.5CVSS5.1AI score0.00796EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 12:56 p.m.8 views

CVE-2018-4008

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise their privileges to roo...

9.3CVSS7AI score0.00422EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:14 a.m.14 views

CVE-2019-2703

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.8CVSS7AI score0.00556EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/17 9:57 p.m.12 views

CVE-2025-30711

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments, File Upload. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

5.4CVSS6.1AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/17 9:13 p.m.12 views

CVE-2025-30727

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: iSurvey Module. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

9.8CVSS7.4AI score0.00471EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 9:15 p.m.10 views

CVE-2025-30688

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

6.5CVSS6.3AI score
Exploits0References2
NVD
NVD
added 2025/04/15 9:15 p.m.18 views

CVE-2025-30686

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications component: EMC. Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality...

7.6CVSS0.00485EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/04/15 8:31 p.m.7 views

CVE-2025-30705

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS5.4AI score0.00774EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/04/15 8:31 p.m.8 views

CVE-2025-30689

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS5.4AI score0.00716EPSS
Exploits0
Packet Storm
Packet Storm
added 2025/03/24 12:0 a.m.128 views

Chamilo LMS 1.11.24 Shell Upload

Chamilo LMS versions 1.11.24 and below remote shell upload exploit. Exploit Title: Chamilo LMS 1.11.24 - Remote Code Execution RCE Exploit Author: 0x00-null - Mohamed Kamel BOUZEKRIA Exploit Date: September 3, 2024 Vendor Homepage: https://chamilo.org/ Software Link: https://chamilo.org/ Version:...

8.1CVSS7.5AI score0.76084EPSS
Exploits27
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-38318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or...

9.8CVSS8.4AI score0.01096EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/02/27 3:31 p.m.17 views

MongoDB Shell may be susceptible to Control Character Injection via autocomplete

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using ‘tab’ to autocomplete...

7.6CVSS7.1AI score0.00287EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/06 3:5 a.m.8 views

CVE-2025-21506

Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite component: Technology Foundation. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project...

8.1CVSS6.8AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:57 a.m.7 views

CVE-2025-21516

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customer Care...

8.1CVSS6.8AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:56 a.m.12 views

CVE-2022-21250

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: GL Accounts. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Trade Management...

8.1CVSS6.8AI score0.01105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:52 p.m.16 views

CVE-2019-5012

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the startProcess command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vulnerability to raise the...

7.8CVSS7AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:58 p.m.10 views

CVE-2020-14589

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

7.5CVSS6.6AI score0.0193EPSS
Exploits0
Rows per page
Query Builder