Lucene search
K

415 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

SUSE SLES16: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2026:22183-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22183-1 advisory. This update for postgresql15 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References27
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46899

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

9.6CVSS0.00344EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46897

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

9.9CVSS0.00368EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46900

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Enterprise...

9.9CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46901

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

9.9CVSS0.00368EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46898

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

8.1CVSS0.00351EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50002

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 through V16 Description A flaw in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with network access via HTTP to compromise the...

9.9CVSS5.8AI score0.00411EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-50008

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 Oracle Enterprise Command Center Framework versions V16 Description An issue in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with...

9.9CVSS5.9AI score0.00368EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.25 views

PT-2026-50003

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 through V16 Description An issue exists in the Core component of the Oracle Enterprise Command Center Framework. A high privileged attacker with network access via HTTP can exploit this...

9.1CVSS5.9AI score0.00453EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50009

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...

9.8CVSS5.3AI score0.00473EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 2:27 p.m.8 views

CVE-2026-44207 Frappe: Insecure Direct Object Reference for email accounts

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS5.3AI score0.00321EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:23 p.m.8 views

EUVD-2026-36454

Frappe is a full-stack web application framework. Prior to version 15.106.0, a stored XSS vulnerability in the user profile image section allows an attacker to execute malicious scripts in the browsers of other users. This issue has been patched in version 15.106.0...

6.9CVSS5.3AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 7:16 p.m.7 views

CVE-2025-43278

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.5CVSS0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 9:8 p.m.8 views

CVE-2026-46679 libp2p: Memory DoS via subscription flood of unique topics

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.js heap of any gossipsub node with default options. This issue has been patched in version 15.0.23...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a stack overflow issue in the IPMacBindRuleIp parameter within the formIPMacBindModify function. It is possible for attackers to exploit...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48188

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.6AI score0.00397EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/06 5:45 p.m.12 views

EUVD-2026-34976

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.9 views

CVE-2026-45557

Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...

6.9CVSS5.5AI score0.00389EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 7:56 a.m.10 views

SUSE-SU-2026:2085-1 Security update for postgresql15

This update for postgresql15 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in PostgresSQL 11

Incorrect privilege assignments in PostgreSQL allow a less-privileged application user to view or modify rows that were not intended for them. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or equivalent features. The problem arises when an application query uses...

4.2CVSS6.7AI score0.00705EPSS
Exploits0References2
Rows per page
Query Builder