Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-2825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read...

10CVSS7.7AI score0.71641EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-2007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0....

4.3CVSS5.5AI score0.02272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.4 views

CVE-2023-22083

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Web UI. Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

4.3CVSS4.9AI score0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.4 views

NetAlertX 安全漏洞

NetAlertX is a network intruder and presence detector from the jokob-sk individual developer. A security vulnerability exists in NetAlertX versions prior to 24.10.12, which stems from an HTTP client-ignorable redirect and issues related to strpos and directory traversal, which could lead to...

10CVSS8.8AI score0.68076EPSS
Exploits6References3
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.5 views

Eclipse Cyclone DDS 安全漏洞

Eclipse Cyclone DDS is a very high performance and robust open source DDS implementation from the Eclipse Foundation. A security vulnerability exists in Eclipse Cyclone DDS versions prior to 0.10.5, which originates from an integer overflow during deserialization and could lead to an...

9.1CVSS6.8AI score0.00876EPSS
Exploits1References3
OSV
OSV
added 2024/10/16 7:15 a.m.2 views

CVE-2019-25213

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive file...

7.5CVSS5.8AI score0.02734EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-2907 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche versions prior to 6.4.3 Description: The issue is related to an out-of-bounds read vulnerability in the WLAvalancheService component. This vulnerability can allow an unauthenticated remote attacker to read sensitive informati...

7.5CVSS9.4AI score0.01884EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/10/31 2:31 a.m.6 views

SUSE CVE-2020-2922

Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

3.7CVSS5AI score0.02436EPSS
Exploits0References2
OSV
OSV
added 2023/09/12 2:15 a.m.5 views

CVE-2023-37489

Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform Version Management System - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or...

5.3CVSS5.8AI score0.00433EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/07/19 5:21 p.m.6 views

OpenJDK: array indexing integer overflow issue (8304468)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

3.7CVSS7.2AI score0.01164EPSS
Exploits0References4
OSV
OSV
added 2023/05/31 1:15 p.m.5 views

CVE-2023-33507

KramerAV VIA GO² 4.0.1.1326 is vulnerable to Unauthenticated arbitrary file read...

7.5CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2023/04/17 10:15 p.m.4 views

CVE-2023-28978

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...

5.3CVSS6.1AI score0.0047EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/03 12:0 a.m.5 views

IBM Observability with Instana 访问控制错误漏洞

IBM Observability with Instana is a powerful application performance monitoring solution from International Business Machines IBM that enables faster performance tracking and incident resolution.IBM Observability with Instana suffers from an access control error vulnerability that stems from the...

9.1CVSS6.6AI score0.08573EPSS
Exploits3References5
ATTACKERKB
ATTACKERKB
added 2022/08/16 7:0 p.m.5 views

CVE-2022-1401

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00...

7.5CVSS7.2AI score0.18001EPSS
Exploits0References2
NCSC
NCSC
added 2022/08/09 12:0 a.m.4 views

Vulnerabilities fixed in Microsoft Exchange Server

Vulnerabilities have been fixed in Microsoft Exchange Server. The vulnerabilities allow a malicious party to gain access to sensitive data or obtain elevated privileges. The vulnerability with reference CVE-2022-24477 allows an authenticated malicious person to gain access to mailboxes of other...

8CVSS6.3AI score0.01971EPSS
Exploits0
OSV
OSV
added 2022/04/06 2:15 a.m.8 views

CVE-2021-30497

Ivanti Avalanche Premise 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive...

7.5CVSS7.2AI score0.9658EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/03/21 7:35 a.m.5 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS7.4AI score0.04104EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/27 4:18 p.m.34 views

OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.02877EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.5 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS6AI score0.01147EPSS
Exploits0References2Affected Software1
NCSC
NCSC
added 2022/01/11 12:0 a.m.4 views

Vulnerability fixed in Siemens SIPROTEC systems

Siemens has fixed a vulnerability in SIPROTEC 5 systems. The vulnerability allows an unauthenticated malicious person to read information from the system. The vulnerability is located in the Web component of systems based on CPU variants CP050, CP100 and CP300. To exploit the vulnerability, the...

7.5CVSS6.7AI score0.00968EPSS
Exploits0
Rows per page
Query Builder