CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

144 matches found

DotNetNuke 9.2 - 9.2.2 - Weak Encryption & Cookie Deserialization

DNN DotNetNuke versions 9.2 through 9.2.2 use a weak encryption algorithm to protect input parameters because of an incomplete fix for CVE-2018-15811. This cryptographic weakness enables attackers to craft malicious DNNPersonalization cookies that can be deserialized, leading to remote code...

7.5CVSS7.4AI score0.74048EPSS

Exploits5References5

The Hacker News•added 2026/06/09 5:3 p.m.•24 views

Meta to Use Off-Site Business Data for Feed and AI Personalization

Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence AI chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to ma...

5.7AI score

Exploits0

RedhatCVE•added 2026/06/05 7:38 p.m.•10 views

CVE-2026-34298

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...

4.7CVSS7.3AI score0.00218EPSS

Exploits0References1

EUVD•added 2026/04/21 9:31 p.m.•6 views

EUVD-2026-24385

4.7CVSS5.7AI score0.00218EPSS

Exploits0References2

NVD•added 2026/04/21 9:16 p.m.•7 views

CVE-2026-34298

4.7CVSS0.00218EPSS

Exploits0References1

CNNVD•added 2026/04/21 12:0 a.m.•9 views

Oracle Applications Framework 安全漏洞

Oracle Applications Framework is a MVC-based web development framework developed by Oracle, a company in the United States. Versions 12.2.9 to 12.2.15 of the Oracle Applications Framework contain security vulnerabilities. These vulnerabilities stem from issues with the Personalization component...

4.7CVSS7.2AI score0.00218EPSS

Exploits0References2

Rosalinux•added 2026/02/16 12:24 p.m.•9 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS

Exploits0

Rosalinux•added 2026/02/16 10:56 a.m.•5 views

Advisory ROSA-SA-2026-3178

Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 unaffected versions = opensc-0.20.0-8.0.1.rv30 affected versions opensc-0.20.0-8.0.1.rv30 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS

Exploits0

RedhatCVE•added 2026/01/09 9:6 a.m.•15 views

CVE-2024-34820

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS6.8AI score0.00437EPSS

Exploits0References1

Packet Storm News•added 2025/12/18 12:0 a.m.•9 views

Security Risks of Agentic Vehicles: A Systematic Analysis of Cognitive and Cross-Layer Threats

Agentic AI is increasingly being explored and introduced in both manually driven and autonomous vehicles, leading to the notion of Agentic Vehicles AgVs, with capabilities such as memory-based personalization, goal interpretation, strategic reasoning, and tool-mediated assistance. While framework...

7AI score

Exploits0

RedhatCVE•added 2025/10/22 8:18 p.m.•5 views

CVE-2025-53064

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications...

4.3CVSS5.2AI score0.0022EPSS

Exploits0References1