Lucene search
K

484 matches found

RedHat Linux
RedHat Linux
added 2025/04/16 5:29 p.m.11 views

openjdk: Better TLS connection support (Oracle CPU 2025-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...

7.4CVSS6.7AI score0.0073EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/16 9:57 a.m.6 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8CVSS7.4AI score0.00522EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.8 views

The vulnerability of the Python RSA cryptographic library, which stems from the use of cryptographic algorithms with defects, allows a perpetrator to gain access to confidential data.

The vulnerability of the Python RSA cryptographic library is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data remotely...

7.8CVSS7.1AI score0.01359EPSS
Exploits1References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.6 views

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

10CVSS8AI score0.00826EPSS
Exploits0References8Affected Software4
CNNVD
CNNVD
added 2025/03/21 12:0 a.m.3 views

EBM Technologies EBM Maintenance Center SQL注入漏洞

EBM Technologies EBM Maintenance Center is a maintenance center platform from China-based EBM Technologies EBM Technologies. A SQL injection vulnerability exists in EBM Technologies EBM Maintenance Center versions prior to 25.04.31435, which stems from an SQL injection that could lead to a remote...

8.8CVSS7.8AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/07 12:0 a.m.5 views

QNAP Systems QTS、QNAP Systems QuTS hero和QNAP Systems QuLog Center 代码问题漏洞

QNAP Systems QuLog Center and others are products of QNAP Systems, Inc.QNAP Systems QuLog Center is a report field that records events reported by the system.QNAP Systems QTS is an entry-level operating system.QNAP Systems QuTS hero is an operating system. Systems QuTS hero is an operating system...

5.1CVSS6.9AI score0.00411EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.9 views

The vulnerability of the d_status.asp component of the D-Link DIR-816A router’s microprogramming system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the dstatus.asp component of the D-Link DIR-816A2 router’s microprogramming system is related to the disclosure of information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially...

7.8CVSS7.8AI score0.00451EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.6 views

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read data or modify data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain read access to data or modify data using network packets...

4.2CVSS7.7AI score0.00237EPSS
Exploits0References4Affected Software1
Amazon
Amazon
added 2025/02/05 12:0 a.m.7 views

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...

4.8CVSS6.3AI score0.00971EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.8 views

The vulnerability of the GraphQL Query Handler component of the software platform based on Git, which is used for collaborative code development in GitLab EE/CE, allows a perpetrator to access confidential information.

The vulnerability of the GraphQL Query Handler component in the Git-based software platform, which is used for collaborative code development in GitLab EE/CE, is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to gain access to confidential...

5.3CVSS5.6AI score0.00418EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.6 views

The vulnerability of Dell RecoverPoint’s data protection software for virtual machines, related to the use of strictly encrypted credentials, allows attackers to gain unauthorized access to protected information.

The vulnerability of Dell RecoverPoint’s data protection software for virtual machines relates to the use of strictly encrypted authentication credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information remotely...

5.3CVSS5.4AI score0.0041EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/13 12:0 a.m.6 views

The vulnerability of the HTTP client library for Python urllib3, related to improper resource transfer between components, allows attackers to gain unauthorized access to protected information.

The vulnerability of the HTTP client library for Python urllib3 is related to improper handling of the Proxy-Authorization header during redirects between sources. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

5.4CVSS6.7AI score0.01141EPSS
Exploits1References10Affected Software4
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.5 views

PT-2025-3052

Name of the Vulnerable Software and Affected Versions visionOS versions prior to 2.2 tvOS versions prior to 18.2 Safari versions prior to 18.2 watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 macOS Sequoia versions prior to 15.2 Description The issue is...

9.8CVSS7.1AI score0.14492EPSS
Exploits1References127
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.9 views

PT-2024-34547 · Jepaas · Jepaas

Name of the Vulnerable Software and Affected Versions: JEPAAS version 7.2.8 Description: The issue allows a remote user to submit a specially crafted query via the /je/rbac/rbac/loadLoginCount API endpoint in the dateVal parameter. This could enable an attacker to retrieve all the information...

7.5CVSS6.1AI score0.00591EPSS
Exploits1References6
OSV
OSV
added 2024/11/22 4:15 p.m.3 views

CVE-2024-50397

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...

8.8CVSS5.8AI score0.0065EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.4 views

PT-2024-34173 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.1.2930 build 20241025 QNAP QuTS hero versions prior to h5.2.1.2929 build 20241025 Description: A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system...

7.7CVSS7.3AI score0.00638EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.8 views

The vulnerability of the software for providing secure remote access to data in the GlobalProtect App software from Palo Alto Networks allows a perpetrator to cause service interruptions.

The vulnerability of the software for providing secure remote access to data in the GlobalProtect App software from Palo Alto Networks relates to the handling of the zero pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS6.8AI score0.0051EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.5 views

WAGO多款产品 安全漏洞

WAGO PFC100 and others are products of WAGO, Germany.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in a number of WAGO products. The vulnerability stems from...

5.7CVSS6.8AI score0.00339EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.6 views

The vulnerability of the software backup function for Brocade SANnav network management systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of the software backup function for Brocade SANnav management involves the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.4AI score0.00411EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2024/10/16 12:25 p.m.4 views

JDK: Integer conversion error leads to incorrect range check (8332644)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracl...

4.8CVSS7.4AI score0.0095EPSS
Exploits0References4
Rows per page
Query Builder