Lucene search
+L

17 matches found

EUVD
EUVD
added 2026/07/06 8:12 a.m.6 views

EUVD-2026-41848

uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...

4.8CVSS5.9AI score0.00217EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 5:44 a.m.7 views

BIT-JRE-2021-35560

Vulnerability in the Java SE product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require...

7.5CVSS5.8AI score0.04495EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 2:42 p.m.5 views

BIT-JAVA-2020-2778

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

4.3CVSS6.7AI score0.02298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/09 1:14 p.m.4 views

openjdk: Improved Arena allocations (Oracle CPU 2026-04)

Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...

3.7CVSS6.6AI score0.00206EPSS
Exploits0References5
OSV
OSV
added 2026/03/19 5:25 p.m.4 views

GHSA-F4RQ-2259-HV29 Denial of service via non-terminating SYLT frame parsing loop in tinytag

Summary tinytag 2.2.0 allows an attacker who can supply MP3 files for parsing to trigger a non-terminating loop while the library parses an ID3v2 SYLT synchronized lyrics frame. In server-side deployments that automatically parse attacker-supplied files, a single 498-byte MP3 can cause the parsin...

6.5CVSS5.8AI score0.0041EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.7 views

CVE-2020-12876

Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments...

7.5CVSS6.9AI score0.01117EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:55 p.m.8 views

EUVD-2025-32549

python-socketio vulnerable to arbitrary Python code execution RCE through malicious pickle deserialization in certain multi-server deployments...

6.4CVSS7.2AI score0.00446EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/10/07 12:55 p.m.10 views

python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

Summary A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which the attacker previously gained access to the message queue that the servers use...

6.4CVSS8.5AI score0.00446EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/10/07 12:55 p.m.6 views

GHSA-G8C6-8FJJ-2R4M python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

Summary A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which the attacker previously gained access to the message queue that the servers use...

6.4CVSS8.5AI score0.00446EPSS
Exploits0References5
OSV
OSV
added 2025/10/06 4:15 p.m.4 views

DEBIAN-CVE-2025-61765

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

6.4CVSS7.3AI score0.00446EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/06 4:4 p.m.13 views

CVE-2025-61765 python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

6.4CVSS0.00446EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/06 4:4 p.m.4 views

CVE-2025-61765 python-socketio vulnerable to arbitrary Python code execution (RCE) through malicious pickle deserialization in certain multi-server deployments

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

6.4CVSS8.1AI score0.00446EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-14798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261,...

3.1CVSS6.7AI score0.02717EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-14797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261,...

4.3CVSS6.6AI score0.02196EPSS
Exploits0References2
OSV
OSV
added 2024/04/16 10:15 p.m.5 views

UBUNTU-CVE-2024-21005

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated...

3.1CVSS7.1AI score0.00853EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/17 2:0 p.m.6 views

OpenJDK: logging of digital signature private keys (8316976)

Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks o...

4.7CVSS7.3AI score0.00411EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/07/18 12:0 a.m.7 views

Oracle Java SE 安全漏洞

Oracle Java SE and Oracle GraalVM are both products of Oracle Corporation.Oracle Java SE is a product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM is a set of on-the-fly compilers written in the Java language...

5.1CVSS6.7AI score0.00483EPSS
Exploits0References14
Rows per page
Query Builder