335 matches found
openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...
CVE-2025-50067
Vulnerability in Oracle Application Express component: Strategic Planner Starter App. Supported versions that are affected are 24.2.4 and 24.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attac...
CVE-2025-53378
A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services WFBSS agent could have allowed an unauthenticated attacker to remotely take control of the agent on affected installations. Also note: this vulnerability only affected the SaaS client version of WFBSS only...
The vulnerability of the websGetVar function in the /goform/set_cmd file of the LB-LINK microprogramming router software allows a hacker to gain full control over the device.
The vulnerability of the websGetVar function in the /goform/set command of the LB-LINK microprogramming device exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability can allow a malicious actor to gain full...
CVE-2023-22089
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
CVE-2021-2319
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2135
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Coherence Container. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to...
CVE-2025-27690
Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account...
Tenda AC8 安全漏洞
Tenda AC8 is a wireless router from Tenda, a Chinese company. Tenda AC8 suffers from a buffer overflow vulnerability, which originates from the improper handling of the parameter list in the /goform/SetIpMacBind file, and can be exploited by an attacker to remotely launch an attack and gain contr...
CVE-2025-21535
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
CVE-2020-14606
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications component: User Interface. Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge...
Sprecher Automation SPRECON-E Use of Hard-coded Credentials (CVE-2022-4333)
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardening guidelines. This plugin only works with Tenable.ot. Please visit...
CVE-2024-21216
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
Helmholz REX100 信任管理问题漏洞
Helmholz REX100 is a wireless router from Helmholz. A trust management issue vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from the inclusion of two hard-coded user accounts and hard-coded passwords, allowing an unauthenticated, remote attacker to take full control ...
CVE-2024-21181
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
Fluent Bit Tool Vulnerability Threatens Billions of Cloud Deployments
By Deeba Ahmed "Linguistic Lumberjack" Threatens Data Breaches CVE-2024-4323. Patch now to shield your cloud services from information disclosure, denial-of-service, or even remote takeover. This is a post from HackRead.com Read the original post: Fluent Bit Tool Vulnerability Threatens Billions ...
CVE-2024-21083
Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Script Engine. Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle BI Publisher...
PT-2024-3073 · Oracle · Oracle Hospitality Simphony
Name of the Vulnerable Software and Affected Versions: Oracle Hospitality Simphony versions 19.1.0 through 19.5.4 Description: The issue is related to insufficient input validation in the Simphony Enterprise Server component. It allows a low-privileged attacker with network access via HTTP to...
CHAOS RAT 5.0.1 Remote Command Execution Exploit
CHAOS RAT web panel version 5.0.1 is vulnerable to command injection, which can be triggered from a cross site scripting attack, allowing an attacker to takeover the RAT server. Exploit Title: CHAOS RAT v5.0.1 RCE Exploit Author: @chebuya Software Link: https://github.com/tiagorlampert/CHAOS...
91,000 Smart LG TV Devices Vulnerable to Remote Takeover
By Waqas LG TVs vulnerable! Update now to block hackers from taking control & stealing data webOS 4-7. Millions at risk! This is a post from HackRead.com Read the original post: 91,000 Smart LG TV Devices Vulnerable to Remote Takeover...