Lucene search
K

19 matches found

NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46875

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Deployment Library. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...

9.1CVSS0.00453EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.7 views

CVE-2026-46857

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Oracle Management Service. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

9.8CVSS0.00508EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49960

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...

9.9CVSS5.8AI score0.00432EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.29 views

PT-2026-49965

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Oracle Management Service component of the Oracle Enterprise Manager Base Platform. This flaw allows a...

9.8CVSS5.8AI score0.00508EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49962

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Target Management component of the Oracle Enterprise Manager Base Platform. A low privileged attacker...

9.9CVSS5.9AI score0.00411EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.13 views

PT-2026-49950

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...

9.9CVSS5.3AI score0.00411EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.10 views

PT-2026-33102

Name of the Vulnerable Software and Affected Versions xwayland versions prior to 24.1.9-2.1 xorg-x11-server versions prior to 21.1.21-5.1 Description Security issues were identified in xwayland and xorg-x11-server. Recommendations Update xwayland to version 24.1.9-2.1. Update xorg-x11-server to...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References145
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

Juniper Networks Paragon Automation security vulnerabilities

Juniper Networks Paragon Automation is an automation and operations platform provided by the American company Juniper Networks. Versions of Juniper Networks Paragon Automation prior to 24.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of appropriate...

6.1CVSS5.8AI score0.00242EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/06 9:6 p.m.3 views

CVE-2025-14596 Quartus Prime Pro Edition Installer Advisory

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer SFX on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1...

6.7CVSS6.6AI score0.00092EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.3 views

WordPress plugin Gmedia Photo Gallery 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...

4.3CVSS6.5AI score0.001EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: java-11-konajdk (TSSA-2024:1018)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1018 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.4CVSS6.5AI score0.02474EPSS
Exploits1References16
Vulnrichment
Vulnrichment
added 2025/10/16 10:43 a.m.3 views

CVE-2025-3930 Lack of JWT Expiration after Log Out in Strapi

Strapi uses JSON Web Tokens JWT for authentication. After logout or account deactivation, the JWT is not invalidated, which allows an attacker who has stolen or intercepted the token to freely reuse it until its expiration date which is set to 30 days by default, but can be changed. The existence...

6.3CVSS6.5AI score0.00641EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/09 6:30 p.m.6 views

EUVD-2025-33366

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's...

6.1CVSS6.5AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/09 3:57 p.m.8 views

CVE-2025-59974 Junos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the application, which are then stored and executed in the context of other users' browsers when they access...

9.3CVSS0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41433

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue exists in Juniper Networks Junos Space. An attacker can inject script tags in the CLI...

6.1CVSS6.8AI score0.00207EPSS
Exploits0References3
OSV
OSV
added 2025/05/22 6:23 p.m.8 views

USN-7528-1 sqlite3 vulnerabilities

It was discovered that SQLite incorrectly handled the concatws function. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, and Ubuntu 24.10. CVE-2025-29087, CVE-2025-3277 It w...

9.8CVSS7AI score0.00718EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.3 views

PT-2024-16015

Name of the Vulnerable Software and Affected Versions CodeChecker versions through 6.24.1 Description Authentication bypass occurs when the API URL ends with Authentication, allowing superuser access to all API endpoints other than /Authentication. These endpoints include the ability to add, edit...

10CVSS6.8AI score0.40058EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.4 views

PT-2024-7023 · Intel · Intel Quartus Prime Pro Edition Design

Name of the Vulnerable Software and Affected Versions: IntelR QuartusR Prime Pro Edition Design Software versions prior to 24.1 Description: The issue is related to an uncontrolled search path in the IntelR QuartusR Prime Pro Edition Design Software. This may allow an authenticated user to...

7.8CVSS7.4AI score0.0015EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/02/16 12:0 a.m.4 views

BeyondTrust Privilege Management Security Vulnerability

BeyondTrust Privilege Management is the BeyondTrust Privilege Management tool for Windows and Mac SaaS from BeyondTrust USA. A security vulnerability exists in BeyondTrust Privilege Management for Windows versions prior to 24.1. An attacker could exploit the vulnerability to view Sysvol...

3.3CVSS6.6AI score0.00156EPSS
Exploits0References2
Rows per page
Query Builder