Lucene search
K

61 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.9 views

Oracle iAssets 安全漏洞

Oracle iAssets is a corporate fixed asset self-service management system developed by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle iAssets contain security vulnerabilities. These vulnerabilities stem from issues with the Internal Operations component, which may all...

9.9CVSS5.8AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Oracle Payroll 安全漏洞

Oracle Payroll is a corporate payroll calculation and distribution management system developed by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle Payroll contain security vulnerabilities. These vulnerabilities stem from issues with the Internal Operations component,...

8.1CVSS5.8AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/14 8:22 p.m.7 views

CVE-2025-37176

A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privilege...

7.2CVSS7.8AI score0.01245EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 8:7 p.m.11 views

CVE-2025-37176

CVE-2025-37176 is an authenticated command-injection vulnerability in Aruba AOS-8. An authenticated privileged user can alter a package header to inject shell commands, potentially causing arbitrary command execution with the privileges of the impacted mechanism. The issue is documented across mu...

7.2CVSS7.4AI score0.01245EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-20249

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30239

Malicious code in bioql PyPI...

7.6CVSS6.5AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/21 6:8 a.m.22 views

CVE-2025-10458

Parameters are not validated or sanitized, and are later used in various internal operations...

7.6CVSS7AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/09/19 6:15 a.m.5 views

CVE-2025-10458

Parameters are not validated or sanitized, and are later used in various internal operations...

7.6CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/09/19 6:15 a.m.6 views

CVE-2025-10458

Parameters are not validated or sanitized, and are later used in various internal operations...

7.6CVSS5.5AI score
Exploits0References1
Cvelist
Cvelist
added 2025/09/19 5:20 a.m.7 views

CVE-2025-10458 Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values

Parameters are not validated or sanitized, and are later used in various internal operations...

7.6CVSS0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.3 views

Zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in zephyr that stems from unvalidated or cleaned parameters that could lead to the exploitation of internal operations...

7.6CVSS6.5AI score0.00197EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.7 views

PT-2025-38512

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description The software exhibits a flaw due to improper validation or sanitization of parameters. These parameters are subsequently utilized in internal operations,...

7.6CVSS6.2AI score0.00197EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.9 views

The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a business automation solution, allows a perpetrator to gain access to read, modify, and delete information.

The vulnerability of the Internal Operations component of the Oracle Lease and Finance Management system, a part of the Oracle E-Business Suite, relates to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete...

8.5CVSS7.2AI score0.00322EPSS
Exploits0References3Affected Software2
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Lease and Finance Management...

8.1CVSS7AI score0.00322EPSS
Exploits0References2
NVD
NVD
added 2025/07/07 3:15 p.m.6 views

CVE-2025-6712

MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory...

6.5CVSS0.00276EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 9:15 a.m.6 views

CVE-2025-20968

Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery...

9.1CVSS5.8AI score0.00267EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2024/02/21 2:28 a.m.51 views

K000138649: GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553

Security Advisory Description CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. CVE-2024-0553 A vulnerability was found in GnuTLS. The response times to...

7.5CVSS6.5AI score0.01614EPSS
Exploits1Affected Software24
BDU FSTEC
BDU FSTEC
added 2024/01/24 12:0 a.m.4 views

The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite automation system allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data...

5.5CVSS6.6AI score0.00163EPSS
Exploits0References3Affected Software2
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.5 views

PT-2023-1182 · Oracle · Oracle Mysql Cluster

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Cluster versions 7.4.38 and prior Oracle MySQL Cluster versions 7.5.28 and prior Oracle MySQL Cluster versions 7.6.24 and prior Oracle MySQL Cluster versions 8.0.31 and prior Description: The issue is related to insufficient inpu...

6.5CVSS8.1AI score0.00605EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/11/05 12:0 a.m.4 views

The vulnerability of the Internal Operations component of the application’s access, organization, and interaction with various types of tasks in the Oracle Universal Work Queue system—a business automation tool within the Oracle E-Business Suite—allows a perpetrator to gain full control over the application.

The vulnerability of the Internal Operations component of the application for accessing, organizing, and interacting with various types of work in the Oracle Universal Work Queue system, a business automation solution from Oracle E-Business Suite, is related to insufficient validation of input...

9CVSS7.7AI score0.01805EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder