1767 matches found
PT-2026-50072
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the Core component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Successful...
PT-2026-49981
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system,...
PT-2026-49948
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...
PT-2026-49947
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...
SAP NetWeaver AS Java Directory Traversal (3727078)
The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a directory traversal vulnerability as referenced in SAP Security Note 3727078: - SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon...
CVE-2026-40128
SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...
CVE-2026-40128 Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)
SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...
CVE-2026-40128
CVE-2026-40128 concerns SAP NetWeaver Application Server Java (Web Container). An unauthenticated attacker can craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. This could allow viewing or modifying sensit...
CVE-2026-35242
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...
SUSE SLES15 Security Update : java-1_8_0-openj9 (SUSE-SU-2026:2036-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2036-1 advisory. This update for java-180-openj9 fixes the following issues - CVE-2026-1188: eclipse: ensure room for separator in...
MS16-032-Cobalt-Strike-LPE-BOF
MS16-032 Beacon Object File BOF A Cobalt Strike Beacon Obje...
Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues CVE-2026-1188: eclipse: ensure room for separator in omrsysinfogetprocessorfeaturestring bsc1265261. CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated...
freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...
SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2026:1955-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1955-1 advisory. This update for java-180-openjdk fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an...
Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specifie...
BIT-JAVA-MIN-2025-50063
Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...
BIT-JAVA-2025-50063
Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...
OESA-2026-2156 mysql security update
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...
freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...
Windows Persistence via UserInitMprLogonScript Registry Key
This Python script demonstrates a Windows persistence technique based on modifying the HKCU\Environment\UserInitMprLogonScript registry value, which allows execution of a program each time the user logs in...