Lucene search
K

21 matches found

NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46874

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

3.2CVSS0.00129EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46873

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00114EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46825

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

6CVSS0.00159EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.10 views

CVE-2026-46768

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

6CVSS0.0015EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.8 views

CVE-2026-35275

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Shared Folders. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00123EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-49902

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with access to the infrastructure where the software executes can compromise the system. This may...

6CVSS5.8AI score0.0015EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49949

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...

6CVSS5.8AI score0.00159EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50074

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...

3.2CVSS5.8AI score0.00162EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/09 2:27 p.m.29 views

CVE-2026-49938

A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via...

6.5CVSS0.00201EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/03 12:0 a.m.4 views

PT-2025-48945

Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.8 Masa CMS versions prior to 7.3.13 Masa CMS versions prior to 7.4.6 Description Masa CMS is susceptible to a host header poisoning issue that can lead to account takeover through the password reset email...

8.8CVSS6.8AI score0.00164EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.3 views

Masa CMS 授权问题漏洞

Masa CMS is a digital experience platform. An authorization issue vulnerability exists in Masa CMS versions prior to 7.2.8, prior to 7.3.13, and prior to 7.4.6, which stems from host header poisoning and could lead to an account takeover via a password reset email...

8.8CVSS6.7AI score0.00164EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/09/11 5:32 a.m.2 views

CVE-2025-10247 JEPaaS Filter doFilterInternal access control

A security vulnerability has been detected in JEPaaS 7.2.8. This vulnerability affects the function doFilterInternal of the component Filter Handler. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit has been disclosed publicly and may be used...

6.5CVSS6.3AI score0.00305EPSS
Exploits0References4
NVD
NVD
added 2025/08/11 9:15 p.m.7 views

CVE-2024-32640

MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.5, 7.3.12, and 7.2.7 contain a fix for th...

9.8CVSS0.68593EPSS
Exploits3References7
EUVD
EUVD
added 2025/08/11 8:38 p.m.7 views

EUVD-2024-30442

MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for th...

9.8CVSS8.3AI score0.68593EPSS
Exploits3References7
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.3 views

JEPaaS 安全漏洞

JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8. An attacker exploiting the vulnerability can retrieve all information stored in the database...

7.5CVSS6.4AI score0.00579EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.3 views

JEPaaS 安全漏洞

JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8, which stems from the presence of a SQL injection vulnerability that could allow a remote user to submit a specially crafted query to retrieve all information stored in t...

9.1CVSS7.5AI score0.00726EPSS
Exploits1References2
OSV
OSV
added 2024/10/14 5:15 p.m.9 views

CVE-2024-46535

Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg...

9.8CVSS5.8AI score0.00448EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/07/17 12:0 a.m.4 views

PT-2024-5370 · Ibm · Ibm Engineering Requirements Management Doors Web Access

Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management DOORS Web Access version 9.7.2.8 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. This could allow a remote attacker to expose sensitive...

8.2CVSS9.5AI score0.00614EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/06/16 12:0 a.m.4 views

Wiris Mathtype 路径遍历漏洞

Wiris Mathtype is a Moodle plugin from the Spanish company Wiris. Convert any MathML or LaTeX to an accessible image using Wiris' MathType API service. A security vulnerability exists in Wiris Mathtype version v7.28.0, which stems from a path traversal issue included in the resourceFile parameter...

7.5CVSS7.3AI score0.01201EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/05/29 12:0 a.m.4 views

PT-2019-17004 · Ibm · Ibm Qradar Siem

Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.2.8 Description: The issue allows an attacker to obtain sensitive information by spoofing a trusted entity using man-in-the-middle techniques due to not validating or incorrectly validating a certificate...

5.9CVSS5.4AI score0.01013EPSS
Exploits0References4
Rows per page
Query Builder