Lucene search
K

168 matches found

Rockylinux
Rockylinux
added 5 days ago6 views

tomcat security, bug fix, and enhancement update

An update is available for tomcat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...

7.5CVSS7AI score0.21691EPSS
Exploits6
RedHat Linux
RedHat Linux
added last week13 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.21691EPSS
Exploits6References3
OSV
OSV
added 2026/07/06 8:16 p.m.2 views

DEBIAN-CVE-2026-41516

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

3.3CVSS6AI score0.00099EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/16 7:33 a.m.8 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS6.9AI score0.00303EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.14 views

CVE-2026-34266

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft component: Absence Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS7.3AI score0.00373EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.11 views

PT-2026-44534

Name of the Vulnerable Software and Affected Versions Oracle REST Data Services versions 24.2.0 through 26.1.0 Description An issue in the Core component allows an unauthenticated attacker with network access via HTTPS to compromise the system. Successful exploitation can result in a partial deni...

5.3CVSS5.4AI score0.00258EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 10:3 p.m.64 views

CVE-2026-43914

Vaultwarden prior to 1.35.4 is affected. The unprotected two‑factor login endpoint /api/two-factor/send-email-login (email.rs) can act as an oracle to determine if a username/password is correct, enabling brute‑force attempts without rate‑limiting even for users without email 2FA. Impact: bypasse...

9.8CVSS5.8AI score0.00288EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/06 2:42 p.m.7 views

BIT-JAVA-2021-2432

Vulnerability in the Java SE product of Oracle Java SE component: JNDI. The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

4.3CVSS6.8AI score0.03701EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.10 views

PT-2026-34146

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker...

6.8CVSS5.8AI score0.0011EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.6 views

CVE-2026-33292

WWBN AVideo is an open source video platform. Prior to version 26.0, the HLS streaming endpoint view/hls.php is vulnerable to a path traversal attack that allows an unauthenticated attacker to stream any private or paid video on the platform. The videoDirectory GET parameter is used in two...

7.5CVSS5.9AI score0.00688EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/03/24 10:36 a.m.6 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00337EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/19 8:52 p.m.9 views

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2025 - Includes Oracle July 2025 CPU

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

8.1CVSS5.9AI score0.01058EPSS
Exploits1Affected Software3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-28490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified i...

8.3CVSS6.6AI score0.00142EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/19 10:45 a.m.9 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle January 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impac...

7.5CVSS6.9AI score0.00633EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
added 2026/01/19 4:52 a.m.12 views

K000159608: Oracle GraalVM for JDK vulnerability CVE-2025-61755

Security Advisory Description Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.16 and 21.0.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.7CVSS4.8AI score0.00239EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.6 views

PT-2025-48348

🔍 𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐕𝐄 𝐛𝐫𝐞𝐚𝐤𝐝𝐨𝐰𝐧 𝐚𝐯𝐚𝐢𝐥𝐚𝐛𝐥𝐞 𝐧𝐨𝐰! Oracle CVE-2024-21854 is under active attack even after being patched. Learn why patch delays are dangerous and how to stay secure. 🌐 Explore the write-up → https://t.co/YSCfFvYLPP Join the discussion and tell us what you think!...

6.9AI score
Exploits0References1
NVD
NVD
added 2025/10/21 8:20 p.m.9 views

CVE-2025-61760

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00141EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/10/10 6:28 p.m.207 views

Exploit for CRLF Injection in Oracle Concurrent_Processing

Oracle E-Business Suite — CVE-2025-61882 This repository contai...

9.8CVSS7AI score0.99722EPSS
Exploits15
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-2315

Malware in sbrugna...

5.9CVSS5.9AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2008-1829

Malware in sbrugna...

9CVSS6.2AI score0.02036EPSS
Exploits0References11
Rows per page
Query Builder