Lucene search
K

32467 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens Ruggedcom Rox Improper Neutralization of Argument Delimiters in a Command (CVE-2025-40948)

Affected devices do not properly validate input in the web server's JSON-RPC interface. This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges. This plugin only works with Tenable.ot. Please visit...

6.8CVSS7.3AI score0.00286EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.16 views

PT-2026-50715

Name of the Vulnerable Software and Affected Versions Bitnami Cassandra container images versions 4.0.x prior to 4.0.20-photon-5-r7 Bitnami Cassandra container images versions 4.1.x prior to 4.1.11-photon-5-r7 Bitnami Cassandra container images versions 5.0.x prior to 5.0.8-photon-5-r4 /...

9.8CVSS6AI score0.00338EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/18 12:0 a.m.16 views

CVE-2026-38714

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a command injection vulnerability in the Python configuration function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input...

0.01316EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.11 views

PT-2026-50716

Name of the Vulnerable Software and Affected Versions Bitnami MariaDB Galera container image versions 10.6.x prior to 10.6.27-photon-5-r0 Bitnami MariaDB Galera container image versions 10.11.x prior to 10.11.17-photon-5-r1 Bitnami MariaDB Galera container image versions 11.4.x prior to...

5.3CVSS6AI score0.00187EPSS
Exploits0References8
CVE
CVE
added 2026/06/17 3:17 p.m.14 views

CVE-2025-32748

Dell PowerFlex rack (RCM 3.7/3.7) contains a Host Header Injection vulnerability that allows an unauthenticated, remotely accessible attacker to trigger redirections. CVSS v3.1 base score 4.3 (MEDIUM) with Network attack vector, Low complexity, No privileges required, User interaction required. N...

6.1CVSS6AI score0.00146EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/17 3:16 p.m.13 views

CVE-2026-35066

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

7.1CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:58 p.m.10 views

EUVD-2026-37736

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

7.1CVSS5.4AI score0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:48 p.m.32 views

CVE-2026-35162

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

4.3CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/17 2:48 p.m.6 views

CVE-2026-35162

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

4.3CVSS5.9AI score0.0021EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:48 p.m.10 views

EUVD-2026-37734

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

4.3CVSS5.4AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:24 p.m.22 views

CVE-2026-22283

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS0.00213EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:24 p.m.23 views

CVE-2026-22283

Dell PowerFlex Manager before version 4.8 is affected by CVE-2026-22283 (Inclusion of Functionality from Untrusted Control Sphere). An unauthenticated attacker with remote access could trigger information disclosure. Affected product: Dell PowerFlex Manager; vulnerable component/behavior not furt...

7.5CVSS5.9AI score0.00213EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.5AI score0.00558EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 10:54 a.m.12 views

CVE-2026-46894

Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite component: Home Page. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle iSupplier Portal...

8CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46897

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

9.9CVSS0.00368EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46891

Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product of Oracle JD Edwards component: Accounts Payable. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

8.1CVSS0.00337EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.17 views

CVE-2026-46806

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle WebCenter Content...

8.2CVSS0.00317EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.11 views

CVE-2026-35307

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

10CVSS0.00474EPSS
Exploits0References1
NCSC
NCSC
added 2026/06/17 9:25 a.m.9 views

Vulnerabilities in Oracle JD Edwards EnterpriseOne

Oracle has identified several vulnerabilities in Oracle JD Edwards EnterpriseOne, including the modules Tools, Accounts Payable, Human Resources Management, General Ledger, Order Promising, and Project Costing, specifically for versions 9.2.0.0 to 9.2.26.2. These vulnerabilities enable attackers ...

9.9CVSS5.5AI score0.00483EPSS
Exploits0References1
NCSC
NCSC
added 2026/06/17 8:53 a.m.11 views

Vulnerabilities in Oracle E-Business Suite products

Oracle has identified vulnerabilities in various Oracle E-Business Suite products, including Oracle Enterprise Command Center Framework, iSupplier Portal, Complex Maintenance, Repair and Overhaul, Process Manufacturing Product Development, HR Intelligence, Receivables, Spares Management, Cost...

9.9CVSS5.5AI score0.00473EPSS
Exploits0References1
Rows per page
Query Builder