Lucene search
K

42 matches found

RedHat Linux
RedHat Linux
added 2025/09/17 3:33 p.m.6 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

5.5CVSS5.7AI score0.00425EPSS
Exploits0References5
NVD
NVD
added 2025/08/12 4:15 p.m.2 views

CVE-2025-3089

ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...

5.3CVSS0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 4:6 p.m.2 views

CVE-2025-3089 Broken Access Control in ServiceNow AI Platform

ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...

5.3CVSS7.1AI score0.0042EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 4:6 p.m.22 views

CVE-2025-3089

CVE-2025-3089 affects ServiceNow AI Platform. The vulnerability is a Broken Access Control issue that could let a low-privilege user bypass access controls and perform a limited set of higher-privilege actions, potentially leading to unauthorized data modifications. ServiceNow reports that patche...

5.3CVSS7.1AI score0.0042EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.6 views

PT-2025-32683 · Servicenow · Servicenow

Name of the Vulnerable Software and Affected Versions: ServiceNow affected versions not specified Description: A Broken Access Control vulnerability was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform actions...

5.3CVSS6.8AI score0.0042EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.4 views

Oracle E-Business Suite 跨站请求伪造漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Applications Framework versions...

5.4CVSS7.2AI score0.00163EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.4 views

Oracle MySQL 访问控制错误漏洞

Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. An access control error vulnerability in Oracle MySQL's MySQL Client versions 8.0.0 through...

3.1CVSS6.6AI score0.00244EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/04/16 12:0 a.m.10 views

Oracle Java SE Unknown Vulnerability (Apr 2025) - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.8CVSS5.2AI score0.00522EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 12:37 a.m.5 views

CVE-2025-27431 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java

User management functionality in SAP NetWeaver Application Server Java is vulnerable to Stored Cross-Site Scripting XSS. This could enable an attacker to inject malicious payload that gets stored and executed when a user accesses the functionality, hence leading to information disclosure or...

5.4CVSS6.1AI score0.00202EPSS
Exploits0References2
CVE
CVE
added 2025/03/11 12:37 a.m.52 views

CVE-2025-27431

CVE-2025-27431 affects SAP NetWeaver Application Server Java. The vulnerability is a Stored Cross-Site Scripting (XSS) in the user management functionality, allowing stored payloads that execute in a victim’s browser and potentially lead to information disclosure or unauthorized data modification...

5.4CVSS6.1AI score0.00202EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.4 views

PT-2024-4894 · Oracle · Oracle Complex Maintenance

Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 12.2.3 through 12.2.13 Description: The issue exists due to insufficient input validation in the LOV component of the Oracle Complex Maintenance, Repair, and Overhaul product within...

6.4CVSS7AI score0.00346EPSS
Exploits0References5
CNVD
CNVD
added 2023/12/25 12:0 a.m.15 views

Apache Airflow Security Bypass Vulnerability (CNVD-2024-0101523)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions prior to 2.8.0,...

6.5CVSS6.9AI score0.0139EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/09/14 1:47 p.m.5 views

mysql: Server: Options unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5CVSS7.3AI score0.01601EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.278 views

Oracle Linux 8 : java-17-openjdk (ELSA-2022-5726)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5726 advisory. 1:17.0.4.0.8-0.2.ea - Add rpminspect.yaml to turn off Java bytecode inspections - java-17-openjdk deliberately produces Java 17 bytecode, not the defau...

7.5CVSS6.7AI score0.17673EPSS
Exploits2References5
OSV
OSV
added 2021/06/22 10:15 p.m.2 views

CVE-2021-34395

Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service...

4.2CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/06/22 10:15 p.m.22 views

Design/Logic Flaw

Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service...

4.6CVSS4.8AI score0.00179EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/07/16 12:0 a.m.1 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-41747)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. MySQL Server 8.0.20 and prior versions of Server in Oracle MySQL: Security: A security vulnerability exists in the Roles component. An attacker can...

5.5CVSS7.6AI score0.0215EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/17 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Hospitality Applications (CNVD-2020-17126)

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hospitality management from Oracle. The product offers features such as human resource cost management, tracking and management of services throughout a customer's journey to improve customer...

7.1CVSS7AI score0.01123EPSS
Exploits0References1
NVD
NVD
added 2019/03/26 6:29 p.m.20 views

CVE-2019-8988

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...

8.1CVSS7AI score0.0178EPSS
Exploits0References3
OSV
OSV
added 2017/10/19 5:29 p.m.4 views

CVE-2017-10050

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: WebConnect. Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

8.2CVSS7.3AI score0.01376EPSS
Exploits0References2
Rows per page
Query Builder