Lucene search
+L

171 matches found

OSV
OSV
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2105

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

8.2CVSS7.3AI score0.01169EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/01/20 3:15 p.m.28 views

CVE-2021-2009

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

6.8CVSS6.6AI score0.02359EPSS
Exploits0References2
NVD
NVD
added 2020/08/11 8:15 p.m.48 views

CVE-2020-8911

A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code MAC, which then allows an attacker who has write access to the target's S3 bucket and can observe...

5.6CVSS5.9AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/05/26 12:0 a.m.29 views

Huawei Data Communication: Multiple Vulnerabilities in IPsec IKE implementations of Huawei Firewall Products (huawei-sa-20180411-01-Bleichenbacher)

There is a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

7.8CVSS0.3AI score0.01082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/04/14 9:33 p.m.59 views

CVE-2020-2754

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS2.5AI score0.04128EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/10/09 6:26 p.m.14 views

CVE-2019-5507

SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information...

5.2AI score0.00367EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/07/23 10:31 p.m.16 views

CVE-2019-2811

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

5.8AI score0.02008EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/23 6:20 p.m.8 views

OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Utilities. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

5.3CVSS7.3AI score0.04351EPSS
Exploits0References4
NVD
NVD
added 2019/02/22 11:29 p.m.23 views

CVE-2019-6485

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller ADC 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10....

5.9CVSS5.4AI score0.02315EPSS
Exploits0References3
NVD
NVD
added 2019/02/04 9:29 p.m.11 views

CVE-2019-1000012

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2
NVD
NVD
added 2019/02/04 9:29 p.m.12 views

CVE-2019-1000014

Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from malicious/compromised mirro...

8.8CVSS8.9AI score0.0179EPSS
Exploits0References1
OSV
OSV
added 2019/02/04 9:29 p.m.20 views

CVE-2019-1000013

Hex package manager hexcore version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromis...

8.8CVSS7.3AI score
Exploits0References2
Prion
Prion
added 2019/02/04 9:29 p.m.10 views

Design/Logic Flaw

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...

6.8CVSS8.8AI score0.00877EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/02/04 9:29 p.m.29 views

Design/Logic Flaw

Hex package manager hexcore version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromis...

6.8CVSS8.8AI score0.00877EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/02/04 9:0 p.m.22 views

CVE-2019-1000012

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...

8.9AI score0.00877EPSS
Exploits0References2
CVE
CVE
added 2019/02/04 9:0 p.m.53 views

CVE-2019-1000013

Hex Core (Hex package manager) versions 0.3.0 and earlier contain a Signing oracle vulnerability in the Package registry verification that can allow code execution. The issue arises when a victim fetches packages from a malicious or compromised mirror, potentially modifying packages without detec...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/02/04 9:0 p.m.48 views

CVE-2019-1000012

Hex package manager versions 0.14.0–0.18.2 contain a signing oracle vulnerability in the package registry verification, which can allow package modifications to go undetected and lead to code execution when victims fetch packages from a malicious/compromised mirror. The issue is tied to the regis...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2018/12/04 12:0 a.m.28 views

openSUSE: Security Advisory for openssh (openSUSE-SU-2018:3946-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.3AI score0.98631EPSS
Exploits23References3
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.202 views

SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2018:3910-1)

This update for openssh fixes the following issues : Following security issues have been fixed : CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully...

5.9CVSS6.6AI score0.98631EPSS
Exploits23References6
Prion
Prion
added 2018/08/21 1:29 p.m.23 views

Design/Logic Flaw

Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbache...

4.3CVSS6.1AI score0.01045EPSS
Exploits0References1Affected Software4
Rows per page
Query Builder