Lucene search
K

927 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.6 views

CVE-2026-34298

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...

4.7CVSS5.7AI score0.00218EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/21 8:35 p.m.7 views

CVE-2026-22001

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

2.7CVSS7AI score0.00259EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.11 views

Oracle Business Process Management Suite 安全漏洞

Oracle Business Process Management Suite is a business process management platform provided by Oracle, a company in the United States. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of the Oracle Business Process Management Suite contain security vulnerabilities. These vulnerabilities stem from issues with...

6.1CVSS7.3AI score0.00179EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

Oracle PeopleSoft Enterprise PeopleTools 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation in the United States, designed to keep PeopleSoft applications in sync with user needs and expectations. There were security vulnerabilities in the versions of Oracle PeopleSoft Enterprise PeopleTools 8.61 to...

5.4CVSS7.2AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34075

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.4CVSS5.7AI score0.00169EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 9:30 a.m.6 views

EUVD-2026-23798

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS6AI score0.00366EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 7:36 a.m.4 views

CVE-2026-5964 Digiwin|EasyFlow .NET - SQL Injection

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS6AI score0.00366EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/20 7:32 a.m.33 views

CVE-2026-5963 Digiwin|EasyFlow .NET - SQL Injection

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00366EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/20 2:59 a.m.9 views

libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

7.5CVSS5.8AI score0.00693EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

Red Hat System Security Services Daemon 安全漏洞

The Red Hat System Security Services Daemon is a daemon process component in Linux developed by Red Hat Inc. There is a security vulnerability associated with the Red Hat System Security Services Daemon. This vulnerability stems from the improper handling of raw pipe bytes by the...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:8 a.m.2 views

CVE-2026-27681

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

9.9CVSS5.9AI score0.00501EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 12:0 a.m.4 views

CVE-2026-38532

A Broken Object-Level Authorization BOLA in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request...

8.1CVSS5.8AI score0.00351EPSS
Exploits2References2
CVE
CVE
added 2026/04/10 6:1 p.m.17 views

CVE-2026-33141

Chamilo LMS contains an IDOR in the REST API stats endpoint (CVE-2026-33141). Prior to version 2.0.0-RC.3, any authenticated user (including ROLE_USER) could read another user’s learning progress, certificates, and gradebook scores for any course without enrollment or supervisory relationship. Th...

6.5CVSS5.8AI score0.00141EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/08 11:29 p.m.5 views

SUSE CVE-2026-5302

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

8.1CVSS5.9AI score0.00261EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/04/08 5:1 p.m.5 views

libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

7.5CVSS5.9AI score0.00693EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/08 4:59 p.m.8 views

libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

7.5CVSS5.9AI score0.00693EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/08 3:31 p.m.4 views

EUVD-2026-20461

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

6.3CVSS6AI score0.00261EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/08 12:5 p.m.1 views

CVE-2026-5302 Permissive Cross-domain Policy with Untrusted Domains in coolercontrold

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

6.3CVSS6AI score0.00261EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/08 12:5 p.m.2 views

CVE-2026-5302

CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...

6.3CVSS6AI score0.00261EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

CoolerControl 安全漏洞

CoolerControl is an open-source control software for cooling devices developed by CoolerControl. Versions of CoolerControl prior to 4.0.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect CORS configurations, which could allow unverified remote attackers to read...

8.1CVSS5.9AI score0.00261EPSS
Exploits1References2
Rows per page
Query Builder