Lucene search
K

7860 matches found

Vulnrichment
Vulnrichment
added 2026/05/10 9:0 a.m.8 views

CVE-2026-8243 Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key

A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...

6.9CVSS5.8AI score0.00292EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 9:0 a.m.42 views

CVE-2026-8243 Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key

A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...

6.9CVSS0.00292EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/10 9:0 a.m.10 views

EUVD-2026-28992

A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...

6.9CVSS5.8AI score0.00292EPSS
Exploits0References3
CVE
CVE
added 2026/05/10 9:0 a.m.13 views

CVE-2026-8243

The CVE-2026-8243 entry concerns Industrial Application Software IAS Canias ERP 8.03, affecting the JNLP Deployment Endpoint. The description indicates that manipulating this endpoint can lead to use of a hard-coded cryptographic key, with the attack potentially executable from a remote location....

6.9CVSS5.8AI score0.00292EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/05/10 1:39 a.m.180 views

Dark-Moon

The Open-Source AI-...

6.1AI score
Exploits0
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.7 views

Canias ERP 加密问题漏洞

Canias ERP is a comprehensive management system developed by the Swiss company Canias, covering enterprise resource planning and business process management. Version 8.03 of Canias ERP contains a security vulnerability related to encryption. This vulnerability stems from the use of hardcoded...

6.9CVSS6.1AI score0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.11 views

PT-2026-39512

e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Attackers can upload a crafted theme package through the theme.php endpoint that deploys a web shell ...

8.8CVSS6.6AI score0.0059EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.15 views

PT-2026-39469

Name of the Vulnerable Software and Affected Versions IAS Canias ERP version 8.03 Description A remote attack can be performed against the JNLP Deployment Endpoint component. Manipulation of an unknown function within this component can lead to the use of a hard-coded cryptographic key, which is ...

6.9CVSS6AI score0.00292EPSS
Exploits0References9
OSV
OSV
added 2026/05/08 5:45 a.m.8 views

BIT-JRE-2023-21954

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS7.2AI score0.01421EPSS
Exploits0References9
OSV
OSV
added 2026/05/08 5:44 a.m.6 views

BIT-JRE-2021-35560

Vulnerability in the Java SE product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require...

7.5CVSS5.8AI score0.04495EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 5:43 a.m.6 views

BIT-JRE-2020-2778

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

4.3CVSS6.7AI score0.02298EPSS
Exploits0References6
OSV
OSV
added 2026/05/08 5:43 a.m.10 views

BIT-JRE-2020-2755

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS5.8AI score0.03899EPSS
Exploits0References15
OSV
OSV
added 2026/05/08 5:43 a.m.6 views

BIT-JRE-2020-2754

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS6.7AI score0.04128EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-38862

Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...

7.3CVSS5.8AI score0.00245EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-38687

Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks o...

4.3CVSS6.1AI score0.03377EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-38735

Vulnerability in the Java SE product of Oracle Java SE component: Deployment. The supported version that is affected is Java SE: 8u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require...

7.5CVSS5.8AI score0.04495EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-38812

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated...

2.5CVSS5.8AI score0.00354EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-38763

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows...

7.5CVSS5.9AI score0.46677EPSS
Exploits6References20
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.18 views

PT-2026-38716

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3CVSS5.8AI score0.04211EPSS
Exploits0References17
Snyk
Snyk
added 2026/05/07 7:43 p.m.9 views

Active Debug Code

Overview Affected versions of this package are vulnerable to Active Debug Code via the Installer process. An attacker can access sensitive server configuration, environment variables, filesystem paths, and loaded PHP extensions by sending an unauthenticated GET request with the phpinfo parameter...

6.9CVSS5.8AI score0.0024EPSS
Exploits0References2
Rows per page
Query Builder