
19715 matches found

Nuclei
added yesterday, 53 views

Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect

The Oracle Applications Framework component of Oracle E-Business Suite subcomponent: Popup windows lists of values, datepicker, etc. is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers...

CVSS 5.8, AI score 6.5, EPSS 0.14558
Exploits: 4, References: 5

Nuclei
added yesterday, 281 views

Oracle E-Business Suite <=12.2 - Authentication Bypass

Oracle E-Business Suite component: Manage Proxies 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in...

CVSS 7.5, AI score 7.1, EPSS 0.70589
Exploits: 1, References: 5

Nuclei
added yesterday, 35 views

Knowage Suite 7.3 - Cross-Site Scripting

Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...

CVSS 6.1, AI score 6.4, EPSS 0.02721
Exploits: 1, References: 5

Nuclei
added yesterday, 552 views

Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution

Oracle E-Business Suite 12.2.3 through 12.2.11 is susceptible to remote code execution via the Oracle Web Applications Desktop Integrator product, Upload component. An attacker with HTTP network access can execute malware, obtain sensitive information, modify data, and/or gain full control over a...

CVSS 9.8, AI score 8, EPSS 0.98342
Exploits: 7, References: 6

Nuclei
added 2 days ago, 41 views

Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion

Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...

CVSS 7.5, AI score 7.1, EPSS 0.15028
Exploits: 3, References: 5

ATTACKERKB
added 2 days ago, 5 views

CVE-2022-4989

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...

CVSS 8.5, AI score 5.8, EPSS 0.00103
Exploits: 0, References: 2

EUVD
added 2 days ago, 5 views

EUVD-2022-56011

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...

CVSS 8.5, AI score 5.8, EPSS 0.00103
Exploits: 0, References: 1

CVE
added 2 days ago, 13 views

CVE-2022-4989

CVE-2022-4989 affects the ASUS AI Suite 3 driver. The root cause is improper validation of a specified quantity in input, enabling a local user to craft IOCTL requests that access unintended memory regions and escalate privileges. The CVSS indicates high impact to confidentiality, integrity, and ...

CVSS 8.5, AI score 5.8, EPSS 0.00103
Exploits: 0, References: 1

CVE
added 2 days ago, 10 views

CVE-2022-4990

CVE-2022-4990 affects the ASUS AI Suite 3 driver. The vulnerability arises from improper validation of a specified quantity in input, enabling a local attacker to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation. The docume...

CVSS 7.3, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1

EUVD
added 2 days ago, 5 views

EUVD-2022-56010

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...

CVSS 7.3, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1

ATTACKERKB
added 2 days ago, 4 views

CVE-2022-4990

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...

CVSS 7.3, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 2

Nuclei
added 4 days ago, 21 views

Zimbra Collaboration Suite - Memcached Command Injection

Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...

CVSS 7.5, AI score 7.6, EPSS 0.84593
Exploits: 2, References: 2

The Hacker News
added 5 days ago, 11 views

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 CVSS score: 9.8, refers to an improper privilege management and authentication flaw in Oracle Payments that could be...

CVSS 9.8, AI score 6, EPSS 0.00677
Exploits: 2

Tenable Nessus
added 5 days ago, 9 views

Dell Wyse Management Suite < 5.5.0.777 Multiple Vulnerabilities (DSA-2026-225)

The version of Dell Wyse Management Suite installed on the remote host is prior to 5.5.0.777 5.5 HF1. It is, therefore, affected by multiple vulnerabilities: - An acceptance of extraneous untrusted data with trusted data vulnerability that could allow a low privileged attacker with remote access ...

CVSS 9.8, AI score 6.3, EPSS 0.00548
Exploits: 0, References: 3

IBM Security Bulletins
added 6 days ago, 7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338

Summary IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338. This bulletin contains information regarding the vulnerability and its remediation Vulnerability Details CVEID:CVE-2026-42338 DESCRIPTION: ip-address is a library f...

CVSS 8.1, AI score 6.6, EPSS 0.00453
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 6 days ago, 4 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432

Summary IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION:...

CVSS 8.9, AI score 6.1, EPSS 0.0068
Exploits: 0, Affected Software: 1

VulnCheck KEV
added 6 days ago, 13 views

VulnCheck KEV: CVE-2026-46817

Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful...

CVSS 9.8, AI score 5.8, EPSS 0.00677
In wild, Exploits: 2, References: 5

IBM Security Bulletins
added 2026/06/26 10:54 a.m., 8 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses ws-8.17.1 in inspections application which is vulnerable to CVE-2026-45736

Summary IBM Maximo Application Suite - Manage Component uses ws-8.17.1 in inspections application which is vulnerable to CVE-2026-45736. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-45736 DESCRIPTION: ws is an open source...

CVSS 7.5, AI score 5.8, EPSS 0.00717
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2026/06/26 8:1 a.m., 3 views

Security Bulletin: There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-44431)

Summary There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followe...

CVSS 8.9, AI score 5.8, EPSS 0.0068
Exploits: 0, Affected Software: 1

NVD
added 2026/06/25 2:16 p.m., 6 views

CVE-2026-49506

Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution...

CVSS 7.2, EPSS 0.00548
Exploits: 0, References: 1