Lucene search
K

35 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Exchange Server 服务端请求伪造漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

8.8CVSS5.8AI score0.00465EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:50 p.m.20 views

CVE-2024-56462

IBM QRadar SIEM 7.5.0 to 7.5.0 UP15 Interim Fix 002 contains a vulnerability where a privileged user can upload a malicious backup archive, which could be restored to gain access to the underlying operating system. Affected versions: 7.5.0 through UP15 IF002. Root cause and exact remediation are ...

8.8CVSS5.8AI score0.00463EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

Oracle Linux 8 : postgresql:15 (ELSA-2026-0524)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0524 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.15-1 - Update to 15.15 - Resolves: RHEL-128819 CVE-2025-12818 Tenable has extracted the preceding...

5.9CVSS5.8AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.3 views

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a set of e-mail service programs from the American Microsoft Corporation Microsoft. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The vulnerability is exploited b...

5.3CVSS6.2AI score0.00787EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2025/05/29 12:0 a.m.7 views

Hotfix update for Exchange Server 2019 CU15 HU2: May 29, 2025 (KB5057651)

Hotfix update for Exchange Server 2019 CU15 HU2: May 29, 2025 KB5057651 Hotfix update for Microsoft Exchange Server 2019 CU15 HU2 was released on May 29, 2025. It includes fixes for nonsecurity issues and introduces new features. These fixes and features will also be included in later cumulative...

6.5AI score
Exploits0
SUSE Linux
SUSE Linux
added 2025/02/21 2:12 p.m.6 views

Security update for postgresql15

This update for postgresql15 fixes the following issues: Upgrade to 15.12: CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.8CVSS7.3AI score0.89472EPSS
Exploits10References4
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.6 views

Microsoft SQL Server 代码问题漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation that is used under Microsoft Windows. A code issue vulnerability exists in Microsoft SQL Server. An attacker exploiting this vulnerability could remotely execute code. The following products and editions are...

7.8CVSS7.2AI score0.00589EPSS
Exploits0References3
OSV
OSV
added 2024/01/10 11:15 a.m.4 views

CVE-2024-0310

A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update 15 allows a remote attacker to alter the response header parameter setting to switch the content security policy into report-only mode, allowing an attacker to bypass the content-security-policy...

6.1CVSS5.8AI score0.00422EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.7 views

Trellix Endpoint Security Cross-Site Scripting Vulnerability

Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A cross-site scripting vulnerability exists in Trellix Endpoint Security ENS Web Control prior to version 10.7.0 Update 15, which originates from a cross-site scripting vulnerability that allows a remote...

6.1CVSS6.2AI score0.00422EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.8 views

SUSE CVE-2013-0809

Unspecified vulnerability in the 2D component in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than...

10CVSS7.8AI score0.10554EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.4 views

PT-2021-18927 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15 iPadOS versions prior to 15 Description: The issue allows a malicious application to access photo metadata without needing permission to access photos. This was addressed with improved authentication. Recommendations:...

5.5CVSS4.8AI score0.00731EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/02/21 12:0 a.m.7 views

TIETEN Acronis Cyber Protect 跨站脚本漏洞

Acronis Cyber Protect is an application. Acronis Cyber Protect 15 Update 1 build 26172 has a cross-site scripting vulnerability that stems from cross-site scripting XSS in the console. . No detailed vulnerability details are available at this time...

6.1CVSS6.2AI score0.007EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2020/10/20 12:0 a.m.7 views

KB3205416 - Cumulative update 15 for SQL Server 2012 SP2

KB3205416 - Cumulative update 15 for SQL Server 2012 SP2 Cumulative Update 15 CU15 for Microsoft SQL Server 2012 Service Pack 2 SP2 was also released as a SQL Server Security Bulletin on 11/8/2016, KB3194725. See MS16-136 for more information. Because of this, you may already have CU15 installed ...

5.8AI score
Exploits0
OSV
OSV
added 2020/07/17 12:15 a.m.5 views

CVE-2020-9672

Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation...

7.8CVSS5.8AI score0.01045EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/05/02 1:11 p.m.5 views

JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D...

5CVSS7.4AI score0.02802EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.6 views

JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

10CVSS5.8AI score0.06036EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.6 views

OpenJDK: CMM malformed raster memory corruption (2D, 8007675)

The color management CMM functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service crash via an image with crafted raster parameters, which...

10CVSS7.8AI score0.85882EPSS
Exploits10References5
RedHat Linux
RedHat Linux
added 2013/03/06 6:58 p.m.7 views

OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)

Unspecified vulnerability in the 2D component in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than...

10CVSS7.8AI score0.10554EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/02/20 9:41 p.m.5 views

JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

10CVSS5.8AI score0.06036EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2010/01/14 4:32 p.m.4 views

OpenJDK proxy mechanism allows non-authorized socket connections (6801497)

The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lack...

7.5CVSS6.2AI score0.04838EPSS
Exploits0References4
Rows per page
Query Builder