Lucene search
K

30 matches found

CVE
CVE
added 2026/06/09 12:20 a.m.32 views

CVE-2026-44744

Affected software : SAP S/4HANA On-Premise. Vulnerability : SQL injection in a remote-enabled function module component. Root cause / what’s vulnerable : An authenticated attacker could influence SQL queries via the affected function module, potentially enabling unauthorized database queries. Imp...

6.5CVSS5.7AI score0.00224EPSS
Exploits0References2
NVD
NVD
added 2026/01/20 10:15 p.m.24 views

CVE-2026-21963

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

6CVSS0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:20 a.m.5 views

CVE-2021-2297

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

5.3CVSS5.3AI score0.00687EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-29555

Malicious code in bioql PyPI...

6.8CVSS5.4AI score0.00546EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 1:51 p.m.5 views

BIT-LIBPYTHON-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

5.7CVSS6.8AI score0.01863EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.3 views

SAP NetWeaver Application Server ABAP 安全漏洞

SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP that stems from a lack of authorization checking, which could allow an overprivileged...

4.9CVSS6.3AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2020-14331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an...

7.2CVSS6.8AI score0.00563EPSS
Exploits1References3
OSV
OSV
added 2024/10/15 8:15 p.m.5 views

CVE-2024-21234

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...

7.5CVSS5.8AI score0.00689EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.11 views

The vulnerability of the qcom-geni-serial component in the Linux operating system allows for interference with the confidentiality and accessibility of protected information.

The vulnerability of the qcom-geni-serial component in the Linux operating system is related to it exceeding the buffer limits of the RX FIFO. Exploiting this vulnerability could allow an attacker to influence the confidentiality and accessibility of the protected information...

7.1CVSS6.4AI score0.00248EPSS
Exploits0References14Affected Software3
Prion
Prion
added 2024/08/30 10:15 p.m.10 views

CVE-2024-8285

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perfor...

5.9CVSS0.00378EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.3 views

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

6.5CVSS6.6AI score0.00546EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/03/27 7:36 p.m.72 views

CVE-2024-23451

An incorrect authorization flaw was found in the API key based security model for Remote Cluster Security in the elasticsearch package. A malicious user with a valid API key can leverage this issue to gain access to read any documents from any index in the remote cluster, exposing possible...

4.4CVSS7AI score0.00435EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.6 views

SAP NetWeaver ABAP Server 跨站脚本漏洞

SAP NetWeaver ABAP Server is a German SAP SAP company used as a Web application server for SAP products. A cross-site scripting vulnerability exists in SAP NetWeaver ABAP Server, which stems from a cross-site scripting XSS vulnerability due to insufficient encoding of user-controlled input. An...

5.4CVSS5.5AI score0.00298EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/04/20 1:41 a.m.5 views

OpenJDK: incorrect enqueue of references in garbage collector (8298191)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS7.2AI score0.01421EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:33 a.m.6 views

SUSE CVE-2018-2972

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

5.9CVSS7.9AI score0.03503EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.6 views

SUSE CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

8CVSS7AI score0.0211EPSS
Exploits0References21
Vulnrichment
Vulnrichment
added 2022/12/20 12:0 a.m.7 views

CVE-2022-41599

The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality...

7.5AI score0.00398EPSS
Exploits0References2
OSV
OSV
added 2022/10/14 4:15 p.m.4 views

CVE-2022-38985

The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality...

7.5CVSS5.8AI score0.00422EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/12 9:15 p.m.2 views

CVE-2022-35169

SAP BusinessObjects Business Intelligence Platform LCM - versions 420, 430, allows an attacker with an admin privilege to read and decrypt LCMBIAR file's password under certain conditions, enabling the attacker to modify the password or import the file into another system causing high impact on...

6.5CVSS5.8AI score0.00627EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2022/04/19 10:22 a.m.4 views

ceph: Unauthorized global_id reuse in cephx

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

7.2CVSS7.2AI score0.0211EPSS
Exploits0References4
Rows per page
Query Builder