
18 matches found

CNNVD
added 2026/05/07 12:00 a.m. | 12 views

Hitachi Virtual Storage Platform One Block OS Command Injection Vulnerability

Hitachi Virtual Storage Platform One Block is a high-performance block storage system device developed by Hitachi, Ltd. Versions 23, 24, 26, and 28 of Hitachi Virtual Storage Platform One Block contain vulnerabilities related to operating system command injection. These vulnerabilities stem from ...

CVSS 9.8 | AI score 6.1 | EPSS 0.009
Exploits: 0 | References: 1

Cvelist
added 2026/05/03 9:15 a.m. | 38 views

CVE-2026-7688 Dolibarr ERP CRM Shipments API Endpoint expedition.class.php _checkValForAPI sql injection

A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endpoint. The manipulation of the argument fields leads to sql injection. The attack is possible to be...

CVSS 5 | EPSS 0.00221
Exploits: 0 | References: 3

CNNVD
added 2026/05/03 12:00 a.m. | 8 views

Dolibarr ERP CRM Injection Vulnerability

Dolibarr ERP CRM is an open-source enterprise and sales management system developed by Dolibarr. Versions of Dolibarr ERP CRM 23.0.2 and earlier had an injection vulnerability. This vulnerability stemmed from the operation of the fields parameter in the checkValForAPI function of the Shipments API...

CVSS 5 | AI score 6 | EPSS 0.00221
Exploits: 0 | References: 2

OSV
added 2026/02/26 2:16 a.m. | 5 views

AZL-78593 CVE-2026-27965 affecting package vitess 17.0.7-14

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location e.g. an S3 bucket can manipulate backup manifest files so that arbitrary code is later executed when that backup is restored...

CVSS 9.9 | AI score 6 | EPSS 0.00417
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/31 9:13 p.m. | 6 views

CVE-2024-9432

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey. This issue affects Vertica versions: 23.X, 24.X, 25.X...

CVSS 6.9 | AI score 5.9 | EPSS 0.00091
Exploits: 0 | References: 1

Vulnrichment
added 2026/01/30 6:31 p.m. | 6 views

CVE-2024-9432 Cleartext Storage of Sensitive Information vulnerability has been discovered in OpenText™ Vertica.

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey. This issue affects Vertica versions: 23.X, 24.X, 25.X...

CVSS 6.9 | AI score 5.9 | EPSS 0.00091
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/20 12:00 a.m. | 7 views

PT-2026-3623

IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

CVSS 5.4 | AI score 5.5 | EPSS 0.00162
Exploits: 0 | References: 2

OSV
added 2025/07/15 8:15 p.m. | 5 views

CVE-2025-30751

Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromis...

CVSS 8.8 | AI score 7.3 | EPSS 0.0033
Exploits: 0 | References: 1

SUSE CVE
added 2025/01/23 3:48 a.m. | 5 views

SUSE CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

CVSS 5.3 | AI score 6.7 | EPSS 0.01282
Exploits: 0 | References: 15

OSV
added 2025/01/18 4:15 p.m. | 6 views

CVE-2024-49824

IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation...

CVSS 6.5 | AI score 5.8 | EPSS 0.00313
Exploits: 0 | References: 1

CNNVD
added 2024/10/15 12:00 a.m. | 2 views

Oracle Application Express Security Vulnerability

Oracle Application Express is a low-code development platform from Oracle Corporation USA. A security vulnerability exists in Oracle Application Express versions 23.2 and 24.1. An attacker could exploit the vulnerability to update, insert, or delete accessible data...

CVSS 4.9 | AI score 7.8 | EPSS 0.00322
Exploits: 0 | References: 2

CNNVD
added 2024/09/11 12:00 a.m. | 6 views

Relyum RELY-PCIe Security Vulnerability

The Relyum RELY-PCIe is an intelligent pluggable board from the Spanish company Relyum. A security vulnerability exists in Relyum RELY-PCIe versions v22.2.1 through v23.1.0, which stems from a command injection vulnerability contained in the timedate function...

CVSS 8.8 | AI score 7.5 | EPSS 0.01123
Exploits: 0 | References: 3

Positive Technologies
added 2024/06/25 12:00 a.m. | 5 views

PT-2024-5561 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions:
Junos OS Evolved versions 23.2R2-EVO through 23.2R2-S1-EVO
Junos OS Evolved versions 23.4R1-EVO through 23.4R2-EVO

Description: An issue in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access ...

CVSS 7.2 | AI score 7.4 | EPSS 0.00216
Exploits: 0 | References: 9

CNNVD
added 2024/03/12 12:00 a.m. | 4 views

Microsoft Windows Compressed Folder Security Vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows Compressed Folder. The following products and versions are affected: Windows 11 Version 22H2 for ARM64-based Systems, Windows 11...

CVSS 6.5 | AI score 6.7 | EPSS 0.30504
Exploits: 0 | References: 3

OSV
added 2023/11/16 5:15 p.m. | 1 view

CVE-2023-47056

Adobe Premiere Pro version 24.0 and earlier and 23.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVSS 7.8 | AI score 6.3 | EPSS 0.00382
Exploits: 0 | References: 1

CNNVD
added 2023/11/16 12:00 a.m. | 4 views

Adobe Audition Security Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A heap buffer overflow vulnerability exists in Adobe Auditi...

CVSS 7.8 | AI score 7.8 | EPSS 0.0038
Exploits: 0 | References: 2

CNNVD
added 2023/07/06 12:00 a.m. | 13 views

Mobileiron Sentry Security Vulnerability

Mobileiron Sentry is a Smart Gateway product from Mobileiron, Inc. A security vulnerability exists in Sentry versions 23.6.0 through 23.6.2 and earlier, which stems from the Sentry API returning an incorrect HTTP header if the request header ends in system.base-hostname...

CVSS 6.8 | AI score 6.2 | EPSS 0.00543
Exploits: 0 | References: 5

RedHat Linux
added 2016/11/09 8:13 a.m. | 6 views

flash-plugin: multiple code execution issues fixed in APSB16-37

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

CVSS 9.3 | AI score 6.1 | EPSS 0.07041
Exploits: 0 | References: 5