Lucene search
K

45 matches found

NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46916

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Management Specs. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

8.8CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/07 7:0 a.m.41 views

CVE-2026-11455 FoundationAgents MetaGPT common.py check_cmd_exists command injection

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS0.00936EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 4:38 p.m.8 views

Security Bulletin: Vulnerability in IBM's Common Cryptographic Architecture (CCA) (CVE-2025-13375)

Summary IBM Common Cryptographic Architecture CCA is used to interface with the IBM Hardware Security Module HSM. A security vulnerability exists that has a high confidentiality, integrity and availability impact on card and consuming applications. Vulnerability Details CVEID:CVE-2025-13375...

9.8CVSS6.1AI score0.00506EPSS
Exploits0Affected Software3
OSV
OSV
added 2026/04/25 6:8 a.m.4 views

BELL-CVE-2026-31641

Bulletin has no description...

7.8CVSS7AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29559

A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...

6.5CVSS6.1AI score0.00719EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/20 10:16 p.m.5 views

CVE-2026-21990

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

8.2CVSS7AI score0.00196EPSS
Exploits0References2
CNVD
CNVD
added 2025/10/30 12:0 a.m.4 views

Google Chrome on Windows Media Module Improperly Implemented Vulnerability

Google Chrome on Windows is a web browser developed by Google Inc. that supports Windows 10 and later systems and provides a fast and secure web browsing experience. Google Chrome on Windows suffers from a Media module misimplementation vulnerability, which can be exploited by attackers to...

6.3CVSS6.8AI score0.00198EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-14330

Malware in sbrugna...

8.5CVSS8.6AI score0.01348EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-7806

Malware in sbrugna...

4.3CVSS4.9AI score0.00973EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-24067

Malware in sbrugna...

6.5CVSS6.5AI score0.00421EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7807

Malware in sbrugna...

6.1CVSS6.3AI score0.00709EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2024-22474

Malicious code in bioql PyPI...

5.3CVSS4.3AI score0.00471EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-40665

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00621EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/29 7:17 a.m.1 views

Security Bulletin: urllib3 Proxy-Authorization header only applies with ProxyManager, not direct requests

Summary urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...

6.5CVSS6.7AI score0.01141EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2025/08/11 2:20 p.m.8 views

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.8AI score0.00229EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2025/07/29 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2025-9a83222bca)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.5AI score0.00158EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/25 3:4 p.m.37 views

CVE-2025-32432 Craft CMS Allows Remote Code Execution

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...

10CVSS9.9AI score0.99803EPSS
Exploits14References5
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.270 views

LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection

Exploit Title: LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection Google Dork: inurl:"/wp-json/learnpress/v1/" OR inurl:"/wp-content/plugins/learnpress/" OR "powered by LearnPress" AND "version 4.2.7" Date: Current Date, e.g., October 30, 2024 Exploit Author: Your Name or Username Vendor...

10CVSS9.6AI score0.63134EPSS
Exploits6
Cvelist
Cvelist
added 2025/03/11 12:38 a.m.15 views

CVE-2025-27432 Missing Authorization check in SAP Electronic Invoicing for Brazil (eDocument Cockpit)

The eDocument Cockpit Inbound NF-e in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthorized attacker could call each transaction an...

2.4CVSS0.00182EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2025-24807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.6.10, 2.10.7,...

7.1CVSS6AI score0.00198EPSS
Exploits0References3
Rows per page
Query Builder