Lucene search
K

56 matches found

CNNVD
CNNVD
added 2026/01/20 12:0 a.m.10 views

Oracle MySQL security vulnerabilities

Oracle MySQL is an open-source relational database management system developed by Oracle Corporation in the United States. The MySQL Server is one of the database server components of Oracle MySQL. Vulnerabilities exist in versions 8.0.0 to 8.0.44, 8.4.0 to 8.4.7, and 9.0.0 to 9.5.0 of the MySQL...

4.9CVSS7.1AI score0.00337EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2025/12/08 12:0 a.m.7 views

1Panel IP Access Control Bypass via Untrusted X-Forwarded-For Headers

The server trusts all reverse-proxy headers by default, so any remote client can spoof X-Forwarded-For to bypass IP-based protections AllowIPs, API IP whitelist, “localhost-only” checks. All IP-based access control becomes ineffective...

6.5CVSS7AI score0.00204EPSS
Exploits0References5Affected Software1
NCSC
NCSC
added 2025/09/25 10:42 a.m.87 views

Vulnerabilities fixed in Cisco IOS and Cisco IOS XE Software

Cisco has fixed vulnerabilities in Cisco IOS and Cisco IOS XE Software. The vulnerabilities include several issues, including a buffer overflow in the command-line interface CLI that can lead to unexpected device restarts and a vulnerability in the TACACS+ protocol implementation that allows...

8.8CVSS6.9AI score0.37613EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2025/09/17 8:11 a.m.5 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

2.7CVSS5.7AI score0.00485EPSS
Exploits0References5
OSV
OSV
added 2025/09/05 12:52 p.m.6 views

CLSA-2025-1757076749 Fix CVE(s): CVE-2025-54574

SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574...

9.8CVSS7.3AI score0.22918EPSS
Exploits1References1
OSV
OSV
added 2025/09/05 12:51 p.m.10 views

CLSA-2025-1757076677 Fix CVE(s): CVE-2025-54574

SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574...

9.8CVSS7.3AI score0.22918EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.5 views

70mai Dash Cam 1S 安全漏洞

70mai Dash Cam 1S is a car recorder from 70mai 70mai. The 70mai Dash Cam 1S suffers from a security vulnerability that originates from the fact that an attacker can bypass the device authorization mechanism of the official mobile application by connecting directly to the device's network and...

7.1CVSS6.7AI score0.00273EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/19 10:58 p.m.13 views

CVE-2024-37359 Hitachi Vantara Pentaho Business Analytics Server – Server Side Request Forgery

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. CWE-918 Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0.0...

8.6CVSS0.00476EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.3 views

PT-2024-6848 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Microsoft Simple Certificate Enrollment Protocol affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the implementation of the Simple Certificate...

7.8CVSS6.8AI score0.02309EPSS
Exploits0References7
Fedora
Fedora
added 2024/05/29 3:37 a.m.15 views

[SECURITY] Fedora 40 Update: qt6-qtopcua-6.7.1-1.fc40

Qt OPC UA API provides classes and functions to access the OPC UA protocol...

9.8CVSS6.2AI score0.0097EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.24 views

The vulnerabilities of LOV components in terms of technical maintenance, repairs, and major system overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems. These systems are part of the Oracle E-Business Suite, allowing attackers to gain access to read, modify, add, or delete data.

The vulnerability of LOV components in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, add, or...

6.4CVSS7.2AI score0.00382EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

9.8CVSS7.3AI score0.01138EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.3 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

9.8CVSS7.5AI score0.01651EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

9.8CVSS7.3AI score0.01138EPSS
Exploits0References5
OSV
OSV
added 2024/05/01 6:15 a.m.5 views

DEBIAN-CVE-2024-27016

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access protocol field...

5.5CVSS5.4AI score0.00244EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/01 12:0 a.m.5 views

PT-2024-25291 · Unknown · Radio Frequency Manager

Name of the Vulnerable Software and Affected Versions: Radio Frequency Manager affected versions not specified Description: An unauthenticated Denial-of-Service DoS vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this issue...

5.3CVSS7AI score0.0053EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/01/17 4:6 p.m.8 views

OpenJDK: arbitrary Java code execution in Nashorn (8314284)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or...

5.9CVSS7.2AI score0.01026EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.5 views

Oracle Business Intelligence Enterprise Edition 安全漏洞

Oracle Business Intelligence Enterprise Edition is an intelligent business analytics software from Oracle. Visualize and analyze enterprise data to support decision-making, reduce total cost of ownership, and improve ROI across the organization. A security vulnerability exists in Oracle Business...

5.4CVSS6.9AI score0.00377EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.6 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS7.3AI score0.01883EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/07/19 9:7 p.m.28 views

CVE-2022-21537

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

4.9CVSS5.3AI score0.01439EPSS
Exploits0
Rows per page
Query Builder