Lucene search
K

11 matches found

EUVD
EUVD
added 2026/06/12 3:1 p.m.10 views

EUVD-2026-36475

The Aqara Board service op-test.aqara.com accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and has an estimated CVSS...

8.6CVSS5.5AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-38039

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...

8.1CVSS7.2AI score0.01058EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/07/21 5:45 a.m.4 views

openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...

8.1CVSS7.2AI score0.00611EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.3 views

Helmholz REX100 信任管理问题漏洞

Helmholz REX100 is a wireless router from Helmholz. A trust management issue vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from the inclusion of two hard-coded user accounts and hard-coded passwords, allowing an unauthenticated, remote attacker to take full control ...

9.8CVSS9.2AI score0.00798EPSS
Exploits0References3
OSV
OSV
added 2020/10/21 3:15 p.m.2 views

CVE-2020-14859

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T...

9.8CVSS7.3AI score0.03752EPSS
Exploits0References2
OSV
OSV
added 2019/06/19 11:15 p.m.2 views

CVE-2019-2729

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.8CVSS7.5AI score0.8883EPSS
Exploits11References7
Tenable Nessus
Tenable Nessus
added 2019/04/18 12:0 a.m.42 views

Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component: - Networking component of Enterprise Manager Base Platform Spring Framework is easily exploited and may allow an...

8.8CVSS7AI score0.12154EPSS
Exploits4References12
OSV
OSV
added 2018/10/17 1:31 a.m.2 views

CVE-2018-3197

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. The supported version that is affected is 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server...

9.8CVSS7.3AI score0.03333EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/08/14 9:48 a.m.5 views

OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2017-3260

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...

8.3CVSS7.2AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2017/01/24 12:0 a.m.6 views

PT-2017-1143 · Oracle · Oracle Fusion Middleware +1

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 Description: The issue is related to errors in security settings of the Core Components in Oracle Fusion Middleware. Exploitation of this issue can allow a remote...

9.8CVSS7.1AI score0.97301EPSS
Exploits15References17
Rows per page
Query Builder