Lucene search
K

5570 matches found

Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40328

Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00174EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40345

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/11 8:36 p.m.13 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS
Exploits0References7
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.22 views

DOM-based XSS in Jira Software Data Center

This High severity DOM-based XSS vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This DOM-based XSS vulnerability, with a CVSS Score of 8 and a CVSS Vector of...

8CVSS6.8AI score0.0077EPSS
Exploits0
OSV
OSV
added 2026/05/06 2:41 p.m.9 views

BIT-JAVA-MIN-2020-14792

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS6.7AI score0.02203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37709

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...

7.5CVSS5.8AI score0.04008EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37678

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS6.7AI score0.02203EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Important: gimp

Issue Overview: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS7.9AI score0.00755EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2026/04/27 12:0 a.m.11 views

Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.11 views

CVE-2026-35252

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware component: C Oracle SSL API. Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

6.4CVSS0.00159EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.4 views

CVE-2026-34274

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successf...

6.1CVSS0.00179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.3 views

CVE-2026-34284

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-34069

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise XML Database. Successful attacks require human interaction...

5.3CVSS5.7AI score0.00227EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.9 views

PT-2026-34146

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker...

6.8CVSS5.8AI score0.0011EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.13 views

Microsoft Qlib fit Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Qlib. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fit function. T...

7.8CVSS6.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 10:58 p.m.3 views

CVE-2026-27298

Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

7.8CVSS6.3AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 10:58 p.m.21 views

CVE-2026-27301

Adobe Framemaker 2022.8 and earlier is affected by a heap-based buffer overflow that can disclose memory contents. Exploitation requires user interaction: the victim must open a malicious file. CVSS v3.1 indicates LOCAL attack vector, LOW attack complexity, NONE privileges, and UI:R with CONFIDEN...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/14 10:58 p.m.13 views

CVE-2026-27299

CVE-2026-27299 affects Adobe FrameMaker 2022.8 and earlier and is caused by improper input validation that can lead to arbitrary file system read. The vulnerability requires a user to open a malicious file, enabling an attacker to access sensitive data on the local system. The CVSSv3.1 base score...

6.3CVSS5.9AI score0.00155EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 7:44 p.m.3 views

CVE-2026-27310 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 7:44 p.m.3 views

CVE-2026-27313 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder