Lucene search
+L

95 matches found

susecve
susecve
added 2023/02/15 4:19 a.m.4 views

SUSE CVE-2019-2426

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

3.7CVSS6.2AI score0.02575EPSS
Exploits0References10
susecve
susecve
added 2023/02/15 3:57 a.m.4 views

SUSE CVE-2020-14581

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

3.7CVSS6.5AI score0.03284EPSS
Exploits0References16
susecve
susecve
added 2023/02/15 3:57 a.m.6 views

SUSE CVE-2020-14781

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

3.7CVSS4.2AI score0.02296EPSS
Exploits0References19
susecve
susecve
added 2023/02/15 3:29 a.m.5 views

SUSE CVE-2022-21296

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS6.7AI score0.02825EPSS
Exploits0References19
bdu_fstec
bdu_fstec
added 2023/01/13 12:0 a.m.8 views

The vulnerability of the SAP NetWeaver AS for Java software platform, related to access control deficiencies, allows an intruder to gain read-only access to data.

The vulnerability of the SAP NetWeaver AS for Java software platform is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data...

9.7CVSS7.7AI score0.15729EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2022/09/20 12:0 a.m.5 views

PT-2022-5168 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.7.39 and prior MySQL Server versions 8.0.29 and prior Description: The issue exists due to insufficient input validation in the MySQL Server's encryption component. This allows a remote attacker to disclose protected...

10CVSS6.7AI score0.87816EPSS
Exploits32References957
osv
osv
added 2022/06/24 5:15 p.m.2 views

CVE-2022-29097

Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application...

4.9CVSS5.8AI score0.01238EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/05/04 6:15 p.m.3 views

CVE-2022-29943

Talend Administration Center has a vulnerability that allows an authenticated user to use XML External Entity XXE processing to achieve read access as root on the remote filesystem. The issue is fixed for versions 8.0.x in TPS-5189, versions 7.3.x in TPS-5175, and versions 7.2.x in TPS-5201...

6.8CVSS6.6AI score0.00807EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2022/03/30 12:0 a.m.7 views

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain read access to data and compromise its integrity.

The vulnerability of the Portal component in the Oracle PeopleSoft Enterprise PeopleTools business application suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read access to data and compromise its integri...

6.1CVSS6.8AI score0.00825EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/03/25 7:15 p.m.3 views

CVE-2022-0988

Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cleartext transmission as the web application runs by default on HTTP. This could allow an attacker to remotely read transmitted information between the client and product...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References1
redhat
redhat
added 2022/01/27 3:28 p.m.4 views

OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02825EPSS
Exploits0References4
redhat
redhat
added 2022/01/27 2:20 p.m.7 views

OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02877EPSS
Exploits0References4
redhat
redhat
added 2022/01/27 2:14 p.m.4 views

OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02825EPSS
Exploits0References4
mscve
mscve
added 2022/01/26 8:0 a.m.9 views

Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321 8u311 11.0.13 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to the APIs. CVSS 3.1

...

5.3CVSS6.3AI score0.02825EPSS
Exploits0
redhat
redhat
added 2022/01/24 11:39 a.m.27 views

OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02877EPSS
Exploits0References4
redhat
redhat
added 2022/01/24 11:39 a.m.6 views

OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02877EPSS
Exploits0References4
osv
osv
added 2022/01/19 12:15 p.m.4 views

DEBIAN-CVE-2022-21296

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS5.8AI score0.02825EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2022/01/19 11:23 a.m.7 views

CVE-2022-21282

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS6.5AI score0.02877EPSS
Exploits0References6
redhat
redhat
added 2021/11/11 6:30 p.m.5 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS7.4AI score0.04104EPSS
Exploits0References4
redhat
redhat
added 2021/11/09 8:13 p.m.4 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS7.4AI score0.04104EPSS
Exploits0References4
Rows per page
Query Builder