485 matches found

VulnCheck KEV
added 2024/08/23 12:0 a.m. · 7 views

VulnCheck KEV: CVE-2024-13981

LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co., Ltd., contains an arbitrary file upload vulnerability in its UploadFile.do;.js.jsp endpoint. This flaw affects the LiveBOS Server component and allows unauthenticated remote attackers to upload...

CVSS 10 · AI score 5.9 · EPSS 0.00837
Exploits: 0 · References: 1

Positive Technologies
added 2024/08/05 12:0 a.m. · 8 views

PT-2024-5833 · Hitachi · Hitachi Device Manager

Name of the Vulnerable Software and Affected Versions: Hitachi Device Manager versions prior to 8.8.7-00
Description: The issue is related to an Unquoted Executable Path vulnerability in the Hitachi Device Manager on Windows, specifically affecting the Device Manager Server component. This...

CVSS 6.8 · AI score 7.1 · EPSS 0.00165
Exploits: 0 · References: 7

BDU FSTEC
added 2024/05/24 12:0 a.m. · 5 views

Vulnerability in the Server: DML component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

CVSS 7.5 · AI score 6.3 · EPSS 0.00838
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2024/05/15 12:0 a.m. · 3 views

Vulnerability in the Server: DML component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

CVSS 6.1 · AI score 6.2 · EPSS 0.00887
Exploits: 0 · References: 5 · Affected Software: 1

BDU FSTEC
added 2024/05/15 12:0 a.m. · 3 views

Vulnerability in the Server: Data Dictionary component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability in the Server: Data Dictionary component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

CVSS 6.1 · AI score 6.2 · EPSS 0.00865
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2024/05/02 12:0 a.m. · 4 views

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

CVSS 7.8 · AI score 6.7 · EPSS 0.07918
Exploits: 1 · References: 5 · Affected Software: 1

OSV
added 2024/04/09 5:15 p.m. · 1 view

CVE-2024-26219

HTTP.sys Denial of Service Vulnerability...

CVSS 7.5 · AI score 7.3 · EPSS 0.03137
Exploits: 0 · References: 1

Cvelist
added 2024/03/19 8:20 a.m. · 22 views

CVE-2024-24683 Apache Hop Engine: ID isn't escaped when generating HTML

Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes the issue. When Hop Server writes links to the PrepareExecutionPipelineServlet page one of the parameters provided to the...

AI score 6.8 · EPSS 0.01239
Exploits: 0 · References: 2

RedHat Linux
added 2024/03/05 6:22 p.m. · 4 views

mysql: Server: DML unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

CVSS 4.9 · AI score 7 · EPSS 0.00986
Exploits: 0 · References: 5

F5 Networks
added 2024/02/23 7:29 p.m. · 34 views

K000138704: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...

CVSS 5.3 · AI score 4.2 · EPSS 0.01096
Exploits: 0

Positive Technologies
added 2024/02/08 12:0 a.m. · 5 views

PT-2024-20319 · Cellinx · Cellinx Nvt Web Server

Name of the Vulnerable Software and Affected Versions: Cellinx NVT Web Server version 5.0.0.014
Description: An issue in the component /cgi-bin/GetJsonValue.cgi allows attackers to leak configuration information via a crafted POST request to the "GetJsonValue.cgi" endpoint.
Recommendations: For...

CVSS 5.3 · AI score 5 · EPSS 0.005
Exploits: 0 · References: 6

OSV
added 2024/02/06 11:15 p.m. · 7 views

CVE-2024-1262

A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument picurl leads to unrestricted...

CVSS 9.8 · AI score 5.3 · EPSS 0.00592
Exploits: 0 · References: 3

BDU FSTEC
added 2024/01/30 12:0 a.m. · 6 views

Vulnerability in the Server: Security: Privileges component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability in the Server: Security: Privileges component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to cause service interruptions...

CVSS 5.3 · AI score 6.4 · EPSS 0.01023
Exploits: 0 · References: 4 · Affected Software: 1

Prion
added 2024/01/16 1:15 a.m. · 14 views

Design/Logic Flaw

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files. This issue affects Hitachi Tuning Manager: before 8.8.5-04...

CVSS 3.2 · AI score 6.8 · EPSS 0.00141
Exploits: 0 · References: 1 · Affected Software: 1

CNVD
added 2023/11/13 12:0 a.m. · 8 views

Tenda RX9 Pro Buffer Overflow Vulnerability

The Tenda RX9 Pro is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda RX9 Pro version v22.03.02.20, which originates from a failure to properly validate the length and size of incoming data in the HTTP server component, and can be exploited by a...

CVSS 7.1 · AI score 8.3 · EPSS 0.00646
Exploits: 1 · References: 1

BDU FSTEC
added 2023/10/25 12:0 a.m. · 4 views

Vulnerability in the Server: UDF component of the Oracle MySQL Server database management system, which allows attackers to perform DoS attacks.

The vulnerability in the UDF component of the Oracle MySQL Server database management system is related to improper resource cleanup. Exploiting this vulnerability can allow a malicious actor to carry out a denial-of-service (DoS) attack...

CVSS 6.1 · AI score 6 · EPSS 0.00938
Exploits: 0 · References: 4 · Affected Software: 1

CNNVD
added 2023/10/12 12:0 a.m. · 4 views

Zabbix Security Vulnerabilities

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix that stems from a security flaw in the Proxy, Server component that allows an attacker with...

CVSS 9.1 · AI score 7.9 · EPSS 0.00592
Exploits: 0 · References: 3

Vulnrichment
added 2023/10/04 1:5 p.m. · 14 views

CVE-2023-1832 Improper authorization check in the server component

An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant...

CVSS 6.8 · AI score 7.1 · EPSS 0.00485
Exploits: 0 · References: 2

BDU FSTEC
added 2023/08/01 12:0 a.m. · 4 views

Vulnerability in the Server: Replication component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Replication component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 4.6 · AI score 6.3 · EPSS 0.01117
Exploits: 0 · References: 5 · Affected Software: 1

ATTACKERKB
added 2023/07/11 6:15 p.m. · 5 views

CVE-2023-35298

HTTP.sys Denial of Service Vulnerability...

CVSS 7.5 · AI score 5.8 · EPSS 0.01564
Exploits: 0 · References: 2 · Affected Software: 3