Lucene search
K

212 matches found

RedHat Linux
RedHat Linux
added 2025/09/17 3:33 p.m.9 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

2.7CVSS5.7AI score0.00485EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.10 views

PT-2026-43419

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7 macOS Sonoma versions prior to 14.8 macOS Tahoe versions prior to 26 Description A permissions issue exists where an application may be able to modify protected parts of the file system. Recommendations...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-21449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are...

7.5CVSS7.8AI score0.48235EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-20932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions...

7.5CVSS6.3AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-21004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are...

2.5CVSS7.4AI score0.00354EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-1434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacke...

5.9CVSS6.7AI score0.01026EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-21012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versio...

3.7CVSS6.2AI score0.00902EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-21496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracl...

5.3CVSS6.3AI score0.02805EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.5 views

PT-2025-33647 · Unknown · File Station 5

Name of the Vulnerable Software and Affected Versions: File Station 5 versions prior to 5.5.6.4933 Description: An out-of-bounds write vulnerability affects File Station 5. If a remote attacker gains a user account, they can exploit the vulnerability to modify or corrupt memory. Recommendations:...

7.1CVSS7.3AI score0.0035EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-20969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior...

5.5CVSS5.8AI score0.00839EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-21882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily...

2.7CVSS5.9AI score0.00638EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 10:21 p.m.3 views

CVE-2025-55156 PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter

pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...

8.8CVSS7.2AI score0.00303EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-21635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable...

6.5CVSS5.9AI score0.01027EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/02 12:0 a.m.6 views

PT-2025-31735 · WordPress · Ultimate Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Ultimate Addons for Elementor versions up to and including 2.4.6 Description: The Ultimate Addons for Elementor plugin for WordPress contains a flaw that allows unauthorized data modification. A missing capability check within the save hfe...

4.3CVSS6.2AI score0.00227EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/07/17 12:0 a.m.6 views

CVE-2025-53964

Removed by vendor...

9.6CVSS6.7AI score0.00427EPSS
Exploits1
OSV
OSV
added 2025/07/15 8:15 p.m.1 views

CVE-2025-50060

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

8.1CVSS5.8AI score0.00258EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.3 views

Oracle Fusion Middleware 访问控制错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

4CVSS7.1AI score0.00157EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/07/01 1:23 p.m.44 views

cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...

7.5CVSS6.6AI score0.01109EPSS
Exploits7References10
RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.8 views

CVE-2025-4571

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated...

5.4CVSS6.7AI score0.00253EPSS
Exploits0References1
Amazon
Amazon
added 2025/06/23 12:0 a.m.7 views

Medium: perl-YAML-LibYAML

Issue Overview: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified CVE-2025-40908 Affected Packages: perl-YAML-LibYAML Issue Correction: Run dnf update perl-YAML-LibYAML --releasever 2023.7.20250623 or dnf update --advisory ALAS2023-2025-1036...

9.1CVSS6.8AI score0.00368EPSS
Exploits1
Rows per page
Query Builder