21 matches found
CVE-2026-46874
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...
CVE-2026-46873
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2026-46825
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
CVE-2026-46768
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
CVE-2026-35275
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Shared Folders. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
PT-2026-49902
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with access to the infrastructure where the software executes can compromise the system. This may...
PT-2026-49949
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...
PT-2026-50074
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the VMSVGA device component of Oracle VM VirtualBox. A high-privileged attacker with logon access to the infrastructure where the software executes can compromise the system. Th...
CVE-2026-49938
A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via...
PT-2025-48945
Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.8 Masa CMS versions prior to 7.3.13 Masa CMS versions prior to 7.4.6 Description Masa CMS is susceptible to a host header poisoning issue that can lead to account takeover through the password reset email...
Masa CMS 授权问题漏洞
Masa CMS is a digital experience platform. An authorization issue vulnerability exists in Masa CMS versions prior to 7.2.8, prior to 7.3.13, and prior to 7.4.6, which stems from host header poisoning and could lead to an account takeover via a password reset email...
CVE-2025-10247 JEPaaS Filter doFilterInternal access control
A security vulnerability has been detected in JEPaaS 7.2.8. This vulnerability affects the function doFilterInternal of the component Filter Handler. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit has been disclosed publicly and may be used...
CVE-2024-32640
MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.5, 7.3.12, and 7.2.7 contain a fix for th...
EUVD-2024-30442
MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the processAsyncObject method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for th...
JEPaaS 安全漏洞
JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8. An attacker exploiting the vulnerability can retrieve all information stored in the database...
JEPaaS 安全漏洞
JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8, which stems from the presence of a SQL injection vulnerability that could allow a remote user to submit a specially crafted query to retrieve all information stored in t...
CVE-2024-46535
Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg...
PT-2024-5370 · Ibm · Ibm Engineering Requirements Management Doors Web Access
Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management DOORS Web Access version 9.7.2.8 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. This could allow a remote attacker to expose sensitive...
Wiris Mathtype 路径遍历漏洞
Wiris Mathtype is a Moodle plugin from the Spanish company Wiris. Convert any MathML or LaTeX to an accessible image using Wiris' MathType API service. A security vulnerability exists in Wiris Mathtype version v7.28.0, which stems from a path traversal issue included in the resourceFile parameter...
PT-2019-17004 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.2.8 Description: The issue allows an attacker to obtain sensitive information by spoofing a trusted entity using man-in-the-middle techniques due to not validating or incorrectly validating a certificate...