Lucene search
+L

335 matches found

redhat
redhat
added 2025/07/15 11:11 p.m.7 views

openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...

8.1CVSS7.2AI score0.00611EPSS
Exploits0References5
osv
osv
added 2025/07/15 8:15 p.m.5 views

CVE-2025-50067

Vulnerability in Oracle Application Express component: Strategic Planner Starter App. Supported versions that are affected are 24.2.4 and 24.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attac...

9CVSS7.3AI score0.00277EPSS
Exploits0References1
osv
osv
added 2025/07/10 7:15 p.m.6 views

CVE-2025-53378

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services WFBSS agent could have allowed an unauthenticated attacker to remotely take control of the agent on affected installations. Also note: this vulnerability only affected the SaaS client version of WFBSS only...

9.8CVSS5.8AI score0.00648EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2025/06/23 12:0 a.m.9 views

The vulnerability of the websGetVar function in the /goform/set_cmd file of the LB-LINK microprogramming router software allows a hacker to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/set command of the LB-LINK microprogramming device exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability can allow a malicious actor to gain full...

6.5CVSS6.5AI score0.10113EPSS
Exploits1References5Affected Software1
redhatcve
redhatcve
added 2025/05/23 5:51 a.m.4 views

CVE-2023-22089

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...

9.8CVSS7.1AI score0.00705EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 9:1 p.m.5 views

CVE-2021-2319

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

9.1CVSS6.9AI score0.01074EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 9:0 p.m.5 views

CVE-2021-2135

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Coherence Container. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to...

9.8CVSS7.1AI score0.0837EPSS
Exploits1References1
attackerkb
attackerkb
added 2025/04/10 3:15 a.m.4 views

CVE-2025-27690

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2025/03/03 12:0 a.m.3 views

Tenda AC8 安全漏洞

Tenda AC8 is a wireless router from Tenda, a Chinese company. Tenda AC8 suffers from a buffer overflow vulnerability, which originates from the improper handling of the parameter list in the /goform/SetIpMacBind file, and can be exploited by an attacker to remotely launch an attack and gain contr...

9.8CVSS9AI score0.01288EPSS
Exploits1References6
redhatcve
redhatcve
added 2025/02/06 3:3 a.m.12 views

CVE-2025-21535

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...

9.8CVSS7.6AI score0.008EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 3:55 p.m.9 views

CVE-2020-14606

Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...

10CVSS7.5AI score0.02516EPSS
Exploits0
nessus
nessus
added 2025/01/23 12:0 a.m.10 views

Sprecher Automation SPRECON-E Use of Hard-coded Credentials (CVE-2022-4333)

Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines. This plugin only works with Tenable.ot. Please visit...

9.8CVSS8.4AI score0.00851EPSS
Exploits1References2
osv
osv
added 2024/10/15 8:15 p.m.4 views

CVE-2024-21216

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...

9.8CVSS5.8AI score0.00709EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/10/15 12:0 a.m.6 views

Helmholz REX100 信任管理问题漏洞

Helmholz REX100 is a wireless router from Helmholz. A trust management issue vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from the inclusion of two hard-coded user accounts and hard-coded passwords, allowing an unauthenticated, remote attacker to take full control ...

9.8CVSS9.2AI score0.00798EPSS
Exploits0References3
osv
osv
added 2024/07/16 11:15 p.m.4 views

CVE-2024-21181

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...

9.8CVSS7.3AI score0.01119EPSS
Exploits0References1
hackread
hackread
added 2024/05/20 6:50 p.m.28 views

Fluent Bit Tool Vulnerability Threatens Billions of Cloud Deployments

By Deeba Ahmed "Linguistic Lumberjack" Threatens Data Breaches CVE-2024-4323. Patch now to shield your cloud services from information disclosure, denial-of-service, or even remote takeover. This is a post from HackRead.com Read the original post: Fluent Bit Tool Vulnerability Threatens Billions ...

7.5CVSS6.8AI score0.28309EPSS
Exploits3
osv
osv
added 2024/04/16 10:15 p.m.6 views

CVE-2024-21083

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Script Engine. Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

7.2CVSS7.1AI score0.00684EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/04/16 12:0 a.m.8 views

PT-2024-3073 · Oracle · Oracle Hospitality Simphony

Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Simphony versions 19.1.0 through 19.5.4 Description: The issue is related to insufficient input validation in the Simphony Enterprise Server component. It allows a low-privileged attacker with network access via HTTP to...

9.9CVSS7.3AI score0.00833EPSS
Exploits0References8
zdt
zdt
added 2024/04/11 12:0 a.m.496 views

CHAOS RAT 5.0.1 Remote Command Execution Exploit

CHAOS RAT web panel version 5.0.1 is vulnerable to command injection, which can be triggered from a cross site scripting attack, allowing an attacker to takeover the RAT server. Exploit Title: CHAOS RAT v5.0.1 RCE Exploit Author: @chebuya Software Link: https://github.com/tiagorlampert/CHAOS...

8.8CVSS5.3AI score0.80454EPSS
Exploits7
hackread
hackread
added 2024/04/09 1:23 p.m.17 views

91,000 Smart LG TV Devices Vulnerable to Remote Takeover

By Waqas LG TVs vulnerable! Update now to block hackers from taking control & stealing data webOS 4-7. Millions at risk! This is a post from HackRead.com Read the original post: 91,000 Smart LG TV Devices Vulnerable to Remote Takeover...

7.3AI score
Exploits0
Rows per page
Query Builder