CVE-2020-6097

An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger...

CVE-2020-2953

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Promotions. The supported version that is affected is 18.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2020-2876

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

CVE-2020-2798

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via IIOP, T...

CVE-2020-2699

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...

CVE-2024-21067

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Host Management. The supported version that is affected is 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Enterpris...

CVE-2024-3482

A Stored Cross-Site Scripting XSS vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited...

CVE-2025-1010 Use-after-free in Custom Highlight

An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009 Use-after-free in XSLT

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1009

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-21529

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

Google Chrome Security Update (stable-channel-update-for-desktop_22-2025-01) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVE-2025-21558

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 20.12.1.0-20.12.21.5, 21.12.1.0-21.12.20.0 and 22.12.1.0. Easily exploitable vulnerability allows low privileged...

CVE-2025-21556

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain component: Agile Integration Services. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM...

firefox: thunderbird: Use-after-free when breaking lines in text

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash...

firefox: Memory corruption when using JavaScript Text Segmentation

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...

firefox: Memory corruption when using JavaScript Text Segmentation

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...

firefox: Memory corruption when using JavaScript Text Segmentation

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...

firefox: Memory corruption when using JavaScript Text Segmentation

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...

firefox: Memory corruption when using JavaScript Text Segmentation

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash...