Lucene search
+L

4430 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-38042

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows...

5.9CVSS7.2AI score0.00551EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.20 views

PT-2026-37948

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

5.3CVSS6.5AI score0.02541EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-38034

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...

7.4CVSS6.8AI score0.00784EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37757

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

7.4CVSS6.8AI score0.01295EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37788

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM...

7.4CVSS6.8AI score0.00918EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37687

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS6.9AI score0.04196EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...

5CVSS7.4AI score0.00096EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/22 10:58 a.m.7 views

CVE-2026-40906

A flaw was found in ElectricSQL, a Postgres sync engine. An authenticated user could exploit an error-based SQL injection vulnerability in the /v1/shape API's orderby parameter. This flaw allows an attacker to read, write, and destroy the full contents of the underlying PostgreSQL database. Such ...

9.9CVSS5.8AI score0.00461EPSS
Exploits1References5
NVD
NVD
added 2026/04/21 9:16 p.m.9 views

CVE-2026-34287

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...

9.1CVSS0.00346EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.8 views

CVE-2026-35248

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

5CVSS5.7AI score0.00096EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.6 views

CVE-2026-22008

Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...

3.7CVSS5.8AI score0.00206EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.7 views

CVE-2026-22003

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u481 and 8u481-b50; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows low privileged...

6CVSS5.8AI score0.00101EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34067

Name of the Vulnerable Software and Affected Versions Oracle Life Sciences Empirica Signal versions 9.2.1 through 9.2.3 Description An issue in the Common Core component allows a low privileged attacker with network access via HTTP to compromise the system. Successful exploitation can lead to...

8.5CVSS7.2AI score0.00202EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.13 views

PT-2026-34110

Name of the Vulnerable Software and Affected Versions Oracle Identity Manager Connector version 12.2.1.4.0 Description An issue in the Oracle Fusion Middleware Core component allows an unauthenticated attacker with network access via HTTPS to compromise the system. This can lead to unauthorized...

9.1CVSS7.4AI score0.00413EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.15 views

PT-2026-34104

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Job Profile Manager. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

6.5CVSS5.7AI score0.00373EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/02 10:53 a.m.5 views

CVE-2026-4370

A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authentication. Specifically, the Juju controller's database endpoint does not validate client...

10CVSS5.9AI score0.00381EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/01 9:16 a.m.7 views

CVE-2026-4370

A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authentication. Specifically, the Juju controller's database endpoint does not validate client...

10CVSS5.9AI score0.00381EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/31 9:53 a.m.3 views

CVE-2026-4317 SQL inyection in Umami Software application

SQL inyection SQLi vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database.Specifically, they could manipulate the value of the 'timezone' request parameter by includin...

9.3CVSS6.2AI score0.00345EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/18 8:59 p.m.5 views

CVE-2026-24743 InvoicePlane has a Stored Cross-Site Scripting (XSS) issue

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A Stored Cross-Site Scripting XSS vulnerability occurs in the upload Invoice Logo functions of InvoicePlane version 1.7.0. The Upload Invoice Logo function allows the application to upload svg file...

5.7CVSS5.7AI score0.0022EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.9 views

InvoicePlane 跨站脚本漏洞

InvoicePlane is an open-source application developed by InvoicePlane. It provides a self-hosted open-source tool for managing your quotes, invoices, customers, and payments. Version 1.7.0 of InvoicePlane contains a cross-site scripting vulnerability. This vulnerability stems from the login logo...

7.5CVSS5.6AI score0.0022EPSS
Exploits1References2
Rows per page
Query Builder