Lucene search
K

19 matches found

EUVD
EUVD
added 2026/05/19 9:27 a.m.14 views

EUVD-2026-30869

Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.3CVSS5.8AI score0.00515EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.21 views

Tenable Nessus Agent < 11.0.4 / 11.1.x < 11.1.2 DoS (TNS-2026-05)

According to its self-reported version, the Tenable Nessus Agent running on the remote host is prior to 11.0.4 or 11.1.x prior to 11.1.2. It is, therefore, affected by a vulnerability as referenced in the TNS-2026-05 advisory. - A vulnerability has been identified where weak file permissions in t...

6.9CVSS5.8AI score0.00106EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/05 1:37 a.m.6 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

8.1CVSS5.9AI score0.00376EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/12 9:1 p.m.2 views

CVE-2025-54223 InCopy | Use After Free (CWE-416)

InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.6AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2025/02/04 2:15 p.m.4 views

UBUNTU-CVE-2025-0510

Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability was fixed in Thunderbird 128.7 and Thunderbird 135...

6.5CVSS6.8AI score0.00233EPSS
Exploits0References7
OSV
OSV
added 2024/10/03 12:0 a.m.5 views

UBUNTU-CVE-2024-9402

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 131, Firefox ESR...

9.8CVSS7.4AI score0.00614EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2024/06/12 8:24 a.m.194 views

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 - Unauthenticated Remote Code Execution in Cacti...

9.8CVSS10AI score0.99826EPSS
Exploits48
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.5 views

SUSE CVE-2022-21427

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS5.6AI score0.02052EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.2 views

SUSE CVE-2022-21451

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.4CVSS5.4AI score0.01266EPSS
Exploits0References3
OSV
OSV
added 2022/02/04 12:0 a.m.2 views

GHSA-6CW3-G6WV-C2XV Infinite Loop in Django

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files...

8.7CVSS7.1AI score0.49246EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2021/10/12 2:17 p.m.3 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.50 and prior, 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

6.8CVSS7.3AI score0.02205EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2020/10/27 7:0 a.m.4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

...

6.8CVSS7AI score0.03012EPSS
Exploits0
OSV
OSV
added 2020/01/15 5:15 p.m.4 views

CVE-2020-2701

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

7.5CVSS7.1AI score0.00557EPSS
Exploits0References3
CNVD
CNVD
added 2019/09/18 12:0 a.m.2 views

Inappropriate SPIP Privileges Vulnerability

SPIP is a Web-based content publishing system. The system is primarily used for online collaboration. A privilege impropriety vulnerability exists in SPIP versions prior to 3.1.11 and 3.2.2 prior to 3.2.5, which can be exploited by an attacker to modify arbitrary published content or make other...

6.5CVSS8.8AI score0.01487EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/03 12:0 a.m.3 views

Palo Alto Networks Traps Code Injection Vulnerability

Palo Alto Networks Traps is a suite of endpoint security protection software from Palo Alto Networks, USA. A code injection vulnerability exists in Palo Alto Networks Traps 5.0.5 and prior versions. The vulnerability stems from a network system or product not properly filtering specific elements ...

6.5CVSS7.6AI score0.00902EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/05/13 5:3 a.m.7 views

thunderbird: flaw in verification of S/MIME signature resulting in signature spoofing

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with...

5.3CVSS7.4AI score0.01676EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/08/16 2:24 p.m.10 views

mysql: Server: DML unspecified vulnerability (CPU Jul 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

4.9CVSS7.1AI score0.03225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/08/01 2:18 p.m.11 views

mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

6.5CVSS7.2AI score0.04792EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/11/07 4:45 p.m.7 views

JDK: unspecified vulnerability fixed in 7u45 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5831...

5CVSS6.7AI score0.03388EPSS
Exploits0References5
Rows per page
Query Builder