Lucene search
K

360 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. The supported versions affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. This easily exploitable vulnerability allows an...

4.3CVSS6.8AI score0.03444EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-38729

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows...

4.3CVSS5.8AI score0.03444EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

Optoma CinemaX P2 安全漏洞

The Optoma CinemaX P2 is a super-short-throw 4K laser home projector from Optoma. The Optoma CinemaX P2 has a security vulnerability. This vulnerability stems from exposing the Android debugging bridge on port 5555 without authentication, while RSA key verification is disabled. Additionally, ther...

8.8CVSS5.8AI score0.00216EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 9:31 p.m.6 views

EUVD-2026-28113

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...

4.3CVSS5.8AI score0.00104EPSS
Exploits0References3
OSV
OSV
added 2026/05/06 2:42 p.m.7 views

BIT-JAVA-MIN-2021-35556

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS7AI score0.07819EPSS
Exploits0References14
OSV
OSV
added 2026/05/06 2:41 p.m.6 views

BIT-JAVA-2020-14562

Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

5.3CVSS7AI score0.05166EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.7 views

PT-2026-37691

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS6.8AI score0.04202EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37683

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS6.8AI score0.0404EPSS
Exploits0References28
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

WatchGuard Agent 安全漏洞

WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. There is a security vulnerability in WatchGuard Agent, which stems from a stack-based buffer overflow issue. Unauthorized attackers within the same local network may exploit...

7.1CVSS6.1AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37833

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS7.2AI score0.0057EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37666

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks o...

4.3CVSS6.7AI score0.03377EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.12 views

CVE-2026-7161

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.8AI score0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient trust-based input validation in Cast, which could allow attackers on the local network to bypass the origin...

4.3CVSS5.8AI score0.00104EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

U-SPEED N300 安全漏洞

The U-SPEED N300 is a wireless router device produced by the U-SPEED company. The U-SPEED N300 V1.0.0 version has a security vulnerability. This vulnerability stems from the lack of rate limiting or account locking protection in the /api/login endpoint. As a result, local network attackers may...

7.5CVSS5.8AI score0.00349EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/28 7:52 a.m.4 views

EUVD-2025-209580

Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime update servers can return a malicious executable in response to an update request. This allows the...

4.8CVSS6.3AI score0.00179EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

SenseLive X3050 安全漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a security vulnerability, which stems from improper execution of access control mechanisms. This could allow attackers with network access righ...

9.8CVSS5.9AI score0.00712EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

SenseLive X3050 安全漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a security vulnerability, which stems from its reliance on unencrypted HTTP for management communications. This vulnerability may allow attacke...

6.9CVSS5.8AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/23 11:56 p.m.29 views

CVE-2026-40431 SenseLive X3050 Cleartext transmission of sensitive information

A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same...

6.9CVSS0.0019EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

Intrado 911 Emergency Gateway 安全漏洞

Intrado 911 Emergency Gateway is an internally deployed management device from the American company Intrado. There is a security vulnerability present in Intrado 911 Emergency Gateway, which stems from path traversal conditions. This vulnerability could allow attackers with existing network acces...

9.3CVSS5.8AI score0.00554EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/21 8:35 p.m.4 views

CVE-2026-34267

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks...

4.9CVSS7AI score0.00323EPSS
Exploits0
Rows per page
Query Builder