Lucene search
+L

1977 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.9 views

CVE-2026-22011

Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite component: ADPatch. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA...

7.6CVSS7.3AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.12 views

CVE-2026-35228

Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects component: helper tool. The supported versions that is affected is 1.0.1-1.0.156. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle MCP Server...

8.7CVSS5.5AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.12 views

CVE-2024-2374

The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entities. This omission allows malicious actors to craft XML payloads that exploit the parser's behavior, leading to the inclusion of external resources. ...

9.1CVSS5.4AI score0.00377EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/05 4:27 a.m.15 views

[SECURITY] Fedora 44 Update: nextcloud-33.0.4-1.fc44

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

9.1CVSS5.8AI score0.00586EPSS
Exploits1
NVD
NVD
added 2026/06/01 7:16 p.m.17 views

CVE-2026-45283

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

6.3CVSS0.00211EPSS
Exploits0References3
OSV
OSV
added 2026/06/01 1:58 p.m.18 views

GHSA-63GR-G7JC-V8RG @agenticmail/mcp Missing Authentication for Critical Function

AgenticMail MCP HTTP authorization bypass Summary @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a session and call tools directly. T...

8.7CVSS5.9AI score0.00359EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 9:16 p.m.19 views

CVE-2026-46840

Vulnerability in Oracle REST Data Services component: Backend-as-a-Service. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. While the vulnerability is in...

10CVSS0.00725EPSS
Exploits1References1
NVD
NVD
added 2026/05/28 9:16 p.m.13 views

CVE-2026-46827

Vulnerability in the Oracle Payroll product of Oracle E-Business Suite component: Self Service Manager. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Payroll. Successful...

8.8CVSS0.0025EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 9:16 p.m.22 views

CVE-2026-46821

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.7CVSS0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 9:16 p.m.15 views

CVE-2026-46823

Vulnerability in the Oracle Public Sector Financials International product of Oracle E-Business Suite component: Authorization. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Orac...

7.7CVSS0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 8:17 p.m.17 views

EUVD-2026-33044

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.7CVSS5.8AI score0.00261EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 8:17 p.m.13 views

EUVD-2026-33045

Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iAssets. While the...

9.9CVSS5.8AI score0.00283EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:17 p.m.10 views

CVE-2026-46820

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.5CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:17 p.m.10 views

CVE-2026-35277

Vulnerability in Oracle REST Data Services component: Core. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of this vulnerability can...

8.1CVSS5.8AI score0.00267EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:17 p.m.15 views

CVE-2026-34311

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications component: Opera. Supported versions that are affected are 5.6.19.24, 5.6.22, 5.6.25.19, 5.6.27.6 and 5.6.28. Easily exploitable vulnerability allows unauthenticated attacker with network...

9.8CVSS5.8AI score0.00461EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Oracle Financials Common Modules 安全漏洞

Oracle Financials Common Modules is a suite of enterprise financial management shared functionality modules provided by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle Financials Common Modules contain security vulnerabilities. These vulnerabilities stem from issues...

8.5CVSS5.8AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.14 views

Oracle Financials Common Modules 安全漏洞

Oracle Financials Common Modules is a suite of enterprise financial management shared functionality modules provided by Oracle, a company in the United States. Versions 12.2.3 to 12.2.15 of Oracle Financials Common Modules contain security vulnerabilities. These vulnerabilities stem from issues...

7.7CVSS5.8AI score0.00261EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44523

Vulnerability in the Oracle Payroll product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Payroll. Successful...

8.1CVSS5.8AI score0.00216EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44520

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS5.8AI score0.00264EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2026/05/15 12:0 a.m.47 views

Microsoft Exchange Server Cross-Site Scripting Vulnerability

Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context...

8.1CVSS6AI score0.0564EPSS
In wildExploits1
Rows per page
Query Builder