Lucene search
K

205 matches found

CNNVD
CNNVD
added 2023/07/18 12:0 a.m.6 views

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Advanced Networking Option component of Oracle...

3.7CVSS6.4AI score0.00383EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.9 views

PT-2023-3700 · Oracle +1 · Oracle Web Applications Desktop Integrator +1

Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the MS Excel Specific component of Oracle Web Applications Desktop Integrator, part of the Oracle...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2023/06/09 1:15 p.m.4 views

CVE-2023-2284

The WP Activity Log Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxswitchdb function in versions up to, and including, 4.5.0. This makes it possible for authenticated attackers with subscriber-level or higher to make...

4.3CVSS5.9AI score0.00386EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/04/19 7:36 p.m.5 views

OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...

3.7CVSS6.9AI score0.01036EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/04/19 7:27 p.m.5 views

OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...

3.7CVSS7.3AI score0.01208EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.5 views

PT-2023-2528 · Oracle · Oracle Iprocurement +1

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the E-Content Manager Catalog component. It allows a low-privileged attacker with network access via HTTP to...

5.5CVSS5.3AI score0.00377EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.9 views

PT-2023-2632 · Oracle · Oracle Banking Virtual Account Management

Name of the Vulnerable Software and Affected Versions: Oracle Banking Virtual Account Management versions 14.5 through 14.7 Description: The issue is related to insufficient input validation in the Routing Hub subcomponent of Oracle Banking Virtual Account Management, part of Oracle Financial...

8.5CVSS7.9AI score0.00551EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2023/04/06 12:0 a.m.1 views

VulnCheck KEV: CVE-2023-1929

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the wpfcpurgecachevarnishcallback function in versions up to, and including, 1.1.2. This makes it possible for authenticated attackers with subscriber-level access...

4.3CVSS6.6AI score0.00389EPSS
Exploits0References1
OSV
OSV
added 2023/03/07 4:15 p.m.5 views

CVE-2020-36670

The NEX-Forms. plugin for WordPress is vulnerable to unauthorized disclosure and modification of data in versions up to, and including 7.7.1 due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber level permissions and above to...

6.3CVSS5.8AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2023/01/18 12:15 a.m.7 views

CVE-2023-21888

Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...

5.4CVSS6.7AI score0.00377EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.4 views

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security bypass vulnerability exists in Oracle Database Server that can be exploited ...

6.3CVSS6.6AI score0.00445EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.3 views

Oracle Java SE 安全漏洞

Oracle Java SE is an Oracle product for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE 11.0.17, 17.0.5, 19.0.1, which can be exploited by an attacker to cause unauthorized update,...

5.3CVSS6.4AI score0.01836EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.5 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS7.3AI score0.0129EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 1:47 p.m.5 views

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS7.3AI score0.01116EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 1:47 p.m.5 views

mysql: Server: DML unspecified vulnerability (CPU Jan 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

5.5CVSS7.3AI score0.01604EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 1:47 p.m.2 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS7.3AI score0.01579EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/19 10:15 p.m.5 views

CVE-2022-21527

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS6.5AI score0.0129EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.4 views

Oracle FLEXCUBE Universal Banking 输入验证错误漏洞

Oracle FLEXCUBE Universal Banking is a general purpose digital banking system from Oracle Corporation. An input validation error vulnerability exists in Oracle FLEXCUBE Universal Banking component: Infrastructure versions 12.1 through 12.4, 14.0 through 14.3, and 14.5, which can be exploited by a...

6.7CVSS7.1AI score0.00551EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/05/02 10:0 a.m.5 views

CVE-2022-1300

Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service...

9.8CVSS7.7AI score0.01396EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2022/04/19 9:15 p.m.2 views

UBUNTU-CVE-2022-21440

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS6.6AI score0.01116EPSS
Exploits0References4
Rows per page
Query Builder