608 matches found
Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-1099)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1099 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE:...
Unspecified Vulnerability in Oracle Java SE (CNVD-2025-24094)
Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. Oracle Java SE has a security vulnerability that can be exploited by attackers to cause a system takeover...
Unspecified Vulnerability in Oracle MySQL (CNVD-2025-17167)
Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability in MySQL Cluster versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5...
Oracle VM VirtualBox (July 2025 CPU)
The version of Oracle VM VirtualBox installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory, including the following: - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that i...
Oracle Java SE 安全漏洞
Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. Oracle Java SE has a security vulnerability that can be exploited by attackers to cause a system takeover...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a suite of virtualization solutions from Oracle Corporation USA. The product is used to unify the management of the entire hardware and software architecture, from applications to disks, enabling virtualization from the desktop to the datacenter.VM VirtualBox is one of th...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a suite of virtualization solutions from Oracle Corporation USA. The product is used to unify the management of the entire hardware and software architecture, from applications to disks, enabling virtualization from the desktop to the datacenter.VM VirtualBox is one of th...
Oracle Virtualization 访问控制错误漏洞
Oracle Virtualization is a suite of virtualization solutions from Oracle Corporation USA. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the...
Oracle Application Express 安全漏洞
Oracle Application Express is a low-code development platform from Oracle Corporation USA. A security vulnerability exists in Oracle Application Express version 24.2.4 and 24.2.5, which stems from a Strategic Planner Starter App component vulnerability that could lead to a system takeover...
PT-2025-29601
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions prior to 8u451 Oracle GraalVM for JDK versions prior to 17.0.15 Oracle GraalVM Enterprise Edition versions prior to 21.3.14 Oracle Java SE versions 11.0.27 Oracle Java SE versions 17.0.15 Oracle Java SE versions 21.0.7...
PT-2025-29659
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1 Oracle GraalVM for JDK versions 17.0.15, 21.0.7, 24.0.1 Oracle GraalVM Enterprise Edition version 21.3.14 Description A difficult-to-exploit issue exists in Oracle Jav...
PT-2025-28660 · Hewlett Packard · Hpe Networking Instant On Access Points
Name of the Vulnerable Software and Affected Versions: HPE Networking Instant On Access Points versions 3.2.0 and earlier HPE Aruba Instant On Access Points versions 3.2.0.1 and earlier Aruba Instant On APs versions 3.2.0 and earlier Description: HPE Networking and Aruba Instant On Access Points...
CVE-2024-37301
Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via server-side template injection which, when executed as root, can result in full takeover of the...
CVE-2023-21948
Vulnerability in the Oracle Solaris product of Oracle Systems component: Core. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...
CVE-2023-22014
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools...
CVE-2023-21896
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
CVE-2023-21985
Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
CVE-2021-3243
Wfilter ICF 5.0.117 contains a cross-site scripting XSS vulnerability. An attacker in the same LAN can craft a packet with a malicious User-Agent header to inject a payload in its logs, where an attacker can take over the system by through its plugin-running function...
CVE-2021-2309
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
CVE-2021-2071
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56, 8.57 and 8.58. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...