Lucene search
K

20 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/06 8:34 a.m.11 views

CVE-2026-42509

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue...

5.8AI score0.00357EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/04/15 11:16 a.m.11 views

CVE-2026-30778

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue...

7.5CVSS0.00544EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 10:16 a.m.5 views

CVE-2026-21660

Hardcoded Email Credentials Saved as Plaintext in Firmware CWE-256: Plaintext Storage of a Password vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick...

9.8CVSS5.8AI score0.0023EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/02/13 12:24 a.m.8 views

SUSE CVE-2026-25990

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

7.5CVSS6.6AI score0.00367EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

Microsoft .NET 安全漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There are security vulnerabilities in Microsoft .NET. Attackers can exploit the...

7.5CVSS7.1AI score0.01015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.4 views

CVE-2026-21942

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystems. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

5CVSS5.4AI score0.00114EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 12:31 a.m.6 views

EUVD-2026-3567

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystems. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

5CVSS5.4AI score0.00114EPSS
Exploits0References2
NVD
NVD
added 2026/01/20 10:15 p.m.22 views

CVE-2026-21942

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystems. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

5CVSS0.00114EPSS
Exploits0References1
OSV
OSV
added 2025/08/13 3:30 p.m.3 views

GHSA-23HV-MWM6-G8JF Apache Tomcat Session Fixation vulnerability

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 ...

6.5CVSS5.8AI score0.00775EPSS
Exploits0References10
OSV
OSV
added 2024/02/08 10:15 p.m.4 views

CVE-2023-49101

WebAdmin in Axigen 10.3.x before 10.3.3.61, 10.4.x before 10.4.24, and 10.5.x before 10.5.10 allows XSS attacks against admins because of mishandling of viewing the usage of SSL certificates...

6.1CVSS5.8AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2023/04/18 8:15 p.m.3 views

CVE-2023-22003

Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

3.3CVSS6.5AI score0.0022EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:51 a.m.2 views

SUSE CVE-2017-3630

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

5.3CVSS5.9AI score0.04531EPSS
Exploits6References2
Positive Technologies
Positive Technologies
added 2022/03/28 12:0 a.m.3 views

PT-2022-13118 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 10.0 through 14.5.4 GitLab versions 10.1 through 14.6.4 GitLab versions 10.2 through 14.7.1 Description: An issue in GitLab allows private project paths to be disclosed to unauthorized users via system notes when an Issue is...

4.3CVSS4.1AI score0.01074EPSS
Exploits1References10
OSV
OSV
added 2022/01/29 11:15 p.m.11 views

AZL-8453 CVE-2021-46658 affecting package mariadb for versions less than 10.6.7-1

savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...

5.5CVSS6.8AI score0.00391EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/11/01 12:0 a.m.4 views

PT-2021-16825 · Unknown · Avideo/Youphptube

Name of the Vulnerable Software and Affected Versions: AVideo/YouPHPTube versions 10.0 and prior Description: The issue allows an administrator-privileged user to write files on the filesystem using flag and code variables in the file save.php. This is due to insecure file write. Recommendations:...

9CVSS6.9AI score0.0153EPSS
Exploits1References6
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.4 views

Apple macOS 授权问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. An authorization issue vulnerability exists in Apple macOS, which can be exploited by a local attacker to bypass the "Logon to Windows" protection screen and gain unauthorized access to the system. The...

4.6CVSS6AI score0.00298EPSS
Exploits0References7
OSV
OSV
added 2020/10/02 9:15 p.m.6 views

CVE-2020-5984

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. This affects vGPU version 8.x prior to 8.5, version 10.x prio...

7.8CVSS7.2AI score0.00366EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.6 views

CVE-2020-2851

Vulnerability in the Oracle Solaris product of Oracle Systems component: Common Desktop Environment. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise...

7.8CVSS7.1AI score0.0056EPSS
Exploits3References4
OSV
OSV
added 2020/04/15 2:15 p.m.5 views

CVE-2020-2771

Vulnerability in the Oracle Solaris product of Oracle Systems component: Whodo. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

2.5CVSS5.8AI score0.00536EPSS
Exploits3References4
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-3052

Vulnerability in the MICROS Relate CRM Software component of Oracle Retail Applications subcomponent: Internal Operations. Supported versions that are affected are 10.8.x and 11.4.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MICROS...

6.4CVSS5.8AI score0.0107EPSS
Exploits0References2
Rows per page
Query Builder