CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

Positive Technologies•added 2026/05/08 12:0 a.m.•9 views

PT-2026-38862

Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...

7.3CVSS5.8AI score0.00245EPSS

Exploits0References3

BDU FSTEC•added 2025/07/23 12:0 a.m.•4 views

The vulnerability of the Install component of the Oracle Java SE software platform allows a perpetrator to gain full control over the application.

The vulnerability of the Install component of the Oracle Java SE software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

7.3CVSS7.2AI score0.00245EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2025/02/14 12:0 a.m.•4 views

PT-2025-7118 · Hooskcms · Hooskcms

Name of the Vulnerable Software and Affected Versions: hooskcms version 1.7.1 Description: The issue allows a remote attacker to obtain sensitive information through the "/install/index.php" component. This is due to a Cross Site Scripting vulnerability. Recommendations: For hooskcms version 1.7....

6.1CVSS6.2AI score0.0026EPSS

Exploits1References6

BDU FSTEC•added 2025/02/10 12:0 a.m.•4 views

The vulnerability of the Install component of the Oracle Analytics software solution allows a hacker to gain privileged access to the infrastructure.

The vulnerability of the Install component of the Oracle Analytics software solution is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain privileged access to the infrastructure...

7.8CVSS7.7AI score0.00258EPSS

Exploits0References3Affected Software1

BDU FSTEC•added 2025/02/07 12:0 a.m.•19 views

The vulnerability of the Install component of the software tool for managing the life cycle of products in the Oracle Agile PLM Framework allows a perpetrator to disclose protected information.

The vulnerability of the Install component of the software lifecycle management tool for Oracle Agile PLM Framework relates to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through HTTP requests...

7.8CVSS7.7AI score0.00479EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2025/01/21 9:15 p.m.•3 views

CVE-2025-21532

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics component: Install. Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to...

7.8CVSS7.2AI score0.00258EPSS

Exploits0References2

Positive Technologies•added 2024/04/07 12:0 a.m.•5 views

PT-2024-23728 · Candycms · Candycms

Name of the Vulnerable Software and Affected Versions: CandyCMS version 1.0.0 Description: An issue was discovered in CandyCMS, allowing remote attackers to execute arbitrary code via the install.php component. Recommendations: For CandyCMS version 1.0.0, consider disabling access to the...

9.8CVSS8.4AI score0.00948EPSS

Exploits0References4

F5 Networks•added 2023/02/21 6:47 p.m.•45 views

K01294982: Oracle Java SE vulnerability CVE-2018-2811

Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes ...

7.7CVSS6.6AI score0.00489EPSS

Exploits0

ATTACKERKB•added 2022/01/19 12:15 p.m.•4 views

CVE-2022-21298

Vulnerability in the Oracle Solaris product of Oracle Systems component: Install. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

3.9CVSS6.4AI score0.00283EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2020/11/02 12:0 a.m.•3 views

The vulnerability of the Install component (developed by Dave Gamble/cJSON) in the Oracle TimesTen In-Memory Database application-level database allows a attacker to cause a service failure.

The vulnerability of the Install component developed by Dave Gamble/cJSON in the Oracle TimesTen In-Memory Database, a relational database at the application level, is related to insufficient checking of exceptional states. Exploiting this vulnerability could allow an attacker to cause service...

7.8CVSS7.3AI score0.02418EPSS

Exploits1References3Affected Software2

Prion•added 2018/04/19 2:29 a.m.•29 views

Design/Logic Flaw

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE...

3.7CVSS7.6AI score0.00489EPSS

Exploits0References8Affected Software5

CNVD•added 2018/04/18 12:0 a.m.•2 views

Unspecified Vulnerability in Oracle Java SE (CNVD-2018-09065)

Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments. An unspecified vulnerability exists in the Install component of Oracle Java SE. An attacker could exploit this vulnerabilit...

7.7CVSS6.5AI score0.00489EPSS

Exploits0References1