Lucene search
K

21 matches found

Debian CVE
Debian CVE
added 2026/05/10 3:42 a.m.14 views

CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

7.5CVSS5.8AI score0.00455EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-34128

Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.0.0 through 8.0.45 MySQL Server versions 8.4.0 through 8.4.8 MySQL Server versions 9.0.0 through 9.6.0 Description An issue in the InnoDB component of MySQL Server allows a high privileged attacker with network access v...

6.5CVSS7.2AI score0.00323EPSS
Exploits0References126
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.12 views

PT-2026-33443

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain with Data Domain Operating System DD OS versions 8.4 through 8.5 Description An improper restriction of excessive authentication attempts allows a high privileged attacker with remote access to potentially gain...

7.2CVSS5.8AI score0.00368EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/10 8:35 a.m.4 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00337EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/04 7:3 a.m.4 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life EOL, are affected by the vulnerability as well...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.4 views

CVE-2023-49827

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from...

7.1CVSS7.1AI score0.00393EPSS
Exploits0References1
CVE
CVE
added 2025/11/17 8:47 p.m.17 views

CVE-2025-36118

IBM Storage Virtualize versions 8.4, 8.5, 8.7, and 9.1 are affected by CVE-2025-36118 due to an information disclosure flaw in the IKEv1 Security Association negotiation, allowing remote attackers to read sensitive memory data. The root cause is an IKEv1 implementation issue (heap/memory handling...

7.5CVSS6AI score0.00315EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/10/21 8:20 p.m.5 views

CVE-2025-53040

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS0.00533EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/02/19 10:31 a.m.1 views

mysql: MySQL Server: Unauthorized Data Modification and Read Access Vulnerability

A flaw was found in MySQL Server. This vulnerability allows a low privileged attacker with network access via multiple protocols to achieve unauthorized data modification and read access to a subset of MySQL Server's accessible data...

5.4CVSS6.6AI score0.00481EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/12/12 8:8 p.m.5 views

WordPress Simple Link Directory plugin <= 8.4.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Simple Link Directory versions = 8.4.0...

6.5CVSS7.1AI score0.00465EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.5 views

Crypto++ 缓冲区错误漏洞

Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ 8.4 and earlier versions, which stems from the fact that if allocated memory is not 16-byte aligned, the function FixSizeAllocatorWithCleanup may write to memory outside of the allocation...

7.5CVSS6.3AI score0.00823EPSS
Exploits1References3
OSV
OSV
added 2022/05/11 4:15 p.m.4 views

CVE-2021-38969

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...

9.8CVSS6.5AI score0.00678EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.5 views

CVE-2022-21381

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

6.4CVSS6.9AI score0.0057EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.4 views

CVE-2022-21383

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: Log. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

4.3CVSS6.8AI score0.00804EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.4 views

CVE-2022-21382

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications component: WebUI. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

7.7CVSS7.2AI score0.00933EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/06/29 6:15 p.m.4 views

UBUNTU-CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...

5.9CVSS6.8AI score0.02057EPSS
Exploits2References6
CNVD
CNVD
added 2020/03/24 12:0 a.m.4 views

GitLab Access Control Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Community and...

7.5CVSS6.7AI score0.00935EPSS
Exploits0References1
OSV
OSV
added 2018/07/18 1:29 p.m.1 views

CVE-2018-2961

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 8.4, 15.x, 16.x and 17.x. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

6.1CVSS7.3AI score0.01099EPSS
Exploits0References2
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-2962

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 8.4, 15.x, 16.x and 17.x. Difficult to exploit vulnerability allows low privileged attacker with...

4.4CVSS7.3AI score0.00707EPSS
Exploits0References2
OSV
OSV
added 2018/07/18 1:29 p.m.1 views

CVE-2018-2963

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 8.4, 15.x and 16.x. Easily exploitable vulnerability allows low privileged attacker with network acce...

4.3CVSS5.8AI score0.01085EPSS
Exploits0References2
Rows per page
Query Builder