Lucene search
K

12640 matches found

Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.13 views

PT-2026-50538

Name of the Vulnerable Software and Affected Versions Tinyproxy versions prior to commit ff45d3b Description Tinyproxy fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine the number o...

9.3CVSS6.1AI score0.00439EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50239

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A logic error in the transfer function of the PackageInstaller.Session class within frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java allows for a memory...

10CVSS6AI score0.00125EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 3:16 p.m.9 views

CVE-2026-10637

subsys/net/ip/ipv6mld.c:mldsend read the packet interface via netpktifacepkt after netsenddatapkt returned successfully. Per the network stack's ownership contract include/zephyr/net/netcore.h, and the explicit warning in subsys/net/ip/netcore.c:453-460 'do not use pkt after that call', a...

5.9CVSS0.00181EPSS
Exploits0References2
Veracode
Veracode
added 2026/06/16 11:59 a.m.9 views

Denial Of Service (DoS)

Netty is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of HTTP/2 SETTINGSMAXHEADERLISTSIZE values, which allows an attacker to trigger repeated request processing and response-header generation failures, leading to resource exhaustion similar to an HTTP/2 Rapi...

6.9CVSS5.2AI score0.00302EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/16 11:50 a.m.2 views

BIT-MYSQL-CLIENT-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

9.1CVSS5.8AI score0.00694EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:47 a.m.6 views

BIT-MARIADB-MIN-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

9.1CVSS5.8AI score0.00694EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:47 a.m.8 views

BIT-MARIADB-2026-48163 MariaDB: wsrep SST unsafe parameter handling on the donor side (rsync)

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

9.1CVSS5.8AI score0.00694EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:46 a.m.9 views

BIT-MARIADB-2026-44168 MariaDB: wsrep SST unsafe parameter handling on the donor side

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...

8CVSS5.8AI score0.00469EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/16 6:14 a.m.5 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 12:34 a.m.7 views

EUVD-2026-37022

Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

7.1CVSS5.3AI score0.00264EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50061

Name of the Vulnerable Software and Affected Versions Oracle Project Portfolio Analysis versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Project Portfolio Analysis product within Oracle E-Business Suite. A low privileged attacker with...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49842

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware Identity Manager version 12.2.1.4.0 Oracle Fusion Middleware Identity Manager version 14.1.2.1.0 Description An issue in the Security component of the Identity Manager product allows a low privileged attacker with...

8.8CVSS5.8AI score0.00432EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-50015

Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne Accounts Payable version 9.2 Description A flaw in the Accounts Payable component allows a low-privileged attacker with network access via HTTP to compromise the system. Successful exploitation can lead to a ful...

9.9CVSS5.8AI score0.00411EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49994

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel Apps - Marketing versions 17.0 through 26.5 Description An issue in the Marketing component of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful...

9.8CVSS5.8AI score0.00474EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-50067

Vulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financials...

7.2CVSS5.2AI score0.00453EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-49920

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Content version 14.1.2.0.0 Description An issue exists in the Content Server component of Oracle WebCenter Content. An unauthenticated attacker with network access via HTTP can compromise the system, although the attack is...

8CVSS5.9AI score0.0016EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-50024

Name of the Vulnerable Software and Affected Versions Oracle Process Manufacturing Product Development versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite. A low...

9.9CVSS5.9AI score0.00411EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49864

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebLogic Server versions 14.1.2.0.0 Oracle Fusion Middleware WebLogic Server versions 15.1.1.0.0 Description An issue exists in the Console component of the WebLogic Server. An unauthenticated attacker with network...

10CVSS5.9AI score0.00483EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-50025

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel CRM Cloud Applications versions 17.0 through 26.5 Description An issue exists in the Siebel Cloud Manager component of Oracle Siebel CRM Cloud Applications. An unauthenticated attacker with network access via HTTP can...

9.8CVSS5.8AI score0.00362EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.17 views

RHEL 9 : postfix (RHSA-2026:26205)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26205 advisory. The postfix packages provide a Mail Transport Agent MTA, which supports protocols like LDAP, SMTP AUTH SASL, and TLS. Security Fixes: postfix: buffe...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References4
Rows per page
Query Builder