Lucene search
K

1767 matches found

Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-50072

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the Core component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Successful...

7.5CVSS5.8AI score0.0014EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.21 views

PT-2026-49981

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system,...

7.5CVSS5.8AI score0.00114EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49948

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...

3.2CVSS5.8AI score0.00162EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-49947

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...

3.2CVSS5.8AI score0.00162EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.16 views

SAP NetWeaver AS Java Directory Traversal (3727078)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a directory traversal vulnerability as referenced in SAP Security Note 3727078: - SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon...

9CVSS5.4AI score0.00454EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 1:16 a.m.14 views

CVE-2026-40128

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

9CVSS0.00454EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:20 a.m.38 views

CVE-2026-40128 Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

9CVSS0.00454EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 12:20 a.m.99 views

CVE-2026-40128

CVE-2026-40128 concerns SAP NetWeaver Application Server Java (Web Container). An unauthenticated attacker can craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. This could allow viewing or modifying sensit...

9CVSS5.5AI score0.00454EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.12 views

CVE-2026-35242

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5CVSS7.3AI score0.00107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.9 views

SUSE SLES15 Security Update : java-1_8_0-openj9 (SUSE-SU-2026:2036-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2036-1 advisory. This update for java-180-openj9 fixes the following issues - CVE-2026-1188: eclipse: ensure room for separator in...

9.8CVSS7.4AI score0.00702EPSS
Exploits0References25
GithubExploit
GithubExploit
added 2026/05/25 6:7 p.m.94 views

MS16-032-Cobalt-Strike-LPE-BOF

MS16-032 Beacon Object File BOF A Cobalt Strike Beacon Obje...

7.8CVSS7.3AI score0.37164EPSS
Exploits14
SUSE Linux
SUSE Linux
added 2026/05/21 11:56 a.m.15 views

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues CVE-2026-1188: eclipse: ensure room for separator in omrsysinfogetprocessorfeaturestring bsc1265261. CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated...

8.7CVSS7.3AI score0.00702EPSS
Exploits0References32
RedHat Linux
RedHat Linux
added 2026/05/19 1:29 p.m.12 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.7AI score0.00467EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.15 views

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2026:1955-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1955-1 advisory. This update for java-180-openjdk fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an...

7.5CVSS5.9AI score0.00702EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/05/18 7:56 a.m.18 views

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specifie...

8.7CVSS7.2AI score0.00702EPSS
Exploits0References28
OSV
OSV
added 2026/05/06 2:45 p.m.5 views

BIT-JAVA-MIN-2025-50063

Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...

7.3CVSS7.1AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 2:45 p.m.3 views

BIT-JAVA-2025-50063

Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...

7.3CVSS7.1AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2026/05/03 9:56 a.m.7 views

OESA-2026-2156 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

5CVSS5.8AI score0.00153EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/28 6:49 a.m.6 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.54 views

Windows Persistence via UserInitMprLogonScript Registry Key

This Python script demonstrates a Windows persistence technique based on modifying the HKCU\Environment\UserInitMprLogonScript registry value, which allows execution of a program each time the user logs in...

5.5AI score
Exploits0
Rows per page
Query Builder