Lucene search
K

118 matches found

OSV
OSV
added 2025/09/11 6:15 p.m.4 views

CVE-2025-43790

Insecure Direct Object Reference IDOR vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.6, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote authenticated users to from one virtual instance to access, create, edit, relate...

8.1CVSS6.7AI score0.00307EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-45111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows remote authenticated users to trigger the creation of...

8.1CVSS7.2AI score0.00844EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.7 views

Vulnerability of the Server component: The MySQL Server database management system’s Optimizer component allows a hacker to gain unauthorized access for creating, deleting, and modifying data.

The vulnerability of the MySQL Server component, which is part of the database management system, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to create, delete, and modify data...

6.8CVSS7.1AI score0.00424EPSS
Exploits0References2Affected Software2
SUSE CVE
SUSE CVE
added 2025/07/10 11:22 p.m.3 views

SUSE CVE-2025-38303

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking if that would fit...

6.1CVSS6.5AI score0.00146EPSS
Exploits0References22
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.4 views

CVE-2024-5459

The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...

4.3CVSS5.2AI score0.00368EPSS
Exploits0References1
Redos
Redos
added 2024/12/03 12:0 a.m.24 views

ROS-20241203-08

Vulnerability in Nextcloud cloud storage creation and utilization software Server is related to the ability to download larger-than-expected websites to find Open-Graph data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information A...

8.2CVSS7.5AI score0.00779EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.14 views

The vulnerability of the Auctions component of the Oracle Sourcing supply management platform, a part of the Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to create, modify, and delete data.

The vulnerability of the Auctions component of the Oracle Sourcing supply management platform, part of the Oracle E-Business Suite, is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to...

8.5CVSS7.6AI score0.00436EPSS
Exploits0References4Affected Software2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.5 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Field Service versions 12.2.3...

8.1CVSS7.9AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.3 views

Oracle Applications Manager 安全漏洞

Oracle Applications Manager is an application management software from Oracle Corporation USA. The software provides monitoring, trending, and fault management for Oracle data files. A security vulnerability exists in Oracle Applications Manager versions 12.2.11 through 12.2.13. An attacker could...

8.1CVSS8AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.5 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business Suite...

8.1CVSS8AI score0.00436EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.6 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle MES for Process Manufacturing...

8.1CVSS8AI score0.00422EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Site Hub versions 12.2.3 throu...

8.1CVSS7.9AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Cost Management versions 12.2.1...

8.1CVSS8AI score0.00435EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Process Manufacturing Product...

8.1CVSS7.9AI score0.00422EPSS
Exploits0References2
NVD
NVD
added 2024/06/05 1:15 p.m.22 views

CVE-2024-5459

The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...

4.3CVSS4.3AI score0.00368EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/06/05 12:45 p.m.27 views

CVE-2024-5459 Restaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu Creation

The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated...

4.3CVSS4.3AI score0.00368EPSS
Exploits0References6
CVE
CVE
added 2024/06/05 12:45 p.m.57 views

CVE-2024-5459

CVE-2024-5459 affects the Restaurant Menu and Food Ordering plugin for WordPress. All versions up to 2.4.16 are vulnerable due to missing capability checks on add_section, add_menu, add_menu_item, and add_menu_page, enabling authenticated users with Subscriber-level access and above to create men...

4.3CVSS4.6AI score0.00368EPSS
Exploits0References6Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.11 views

Restaurant Menu and Food Ordering < 2.4.17 - Missing Authorization to Menu Creation

Description The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'addsection', 'addmenu', 'addmenuitem', and 'addmenupage' functions in all versions up to, and including, 2.4.16. This makes it possible for...

4.3CVSS6.4AI score0.00368EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/04/16 10:15 p.m.4 views

CVE-2024-21092

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

8.1CVSS7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.4 views

Oracle Audit Vault and Database Firewall Security Vulnerabilities

Oracle Audit Vault and Database Firewall is a database security solution from Oracle Corporation. A security vulnerability exists in Oracle Audit Vault and Database Firewall versions 20.1 through 20.9. An attacker could exploit the vulnerability to perform unauthorized creation, deletion, or...

7.5CVSS6.6AI score0.0043EPSS
Exploits0References2
Rows per page
Query Builder