Lucene search
K

79 matches found

OSV
OSV
added 2024/04/12 3:15 p.m.6 views

CVE-2024-21610

An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon cosd of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service DoS. In a scaled CoS scenario with 1000s of interfaces, when...

4.3CVSS5.8AI score0.00478EPSS
Exploits0References2
OSV
OSV
added 2023/12/15 11:15 a.m.5 views

CVE-2023-48598

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.8AI score0.00597EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/13 12:0 a.m.7 views

CVE-2023-47320

Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in "Maintenance Mode" due to broken access control. This makes the application unavailable to all users. This affects...

8.1AI score0.00721EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:33 a.m.4 views

SUSE CVE-2018-2844

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...

8.8CVSS9AI score0.01058EPSS
Exploits3References5
Vulnrichment
Vulnrichment
added 2023/01/23 2:31 p.m.4 views

CVE-2022-4751 Word Balloon < 4.19.3 - Contributor+ Stored XSS via Shortcode

The Word Balloon WordPress plugin before 4.19.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

5.5AI score0.00471EPSS
Exploits2References1
OSV
OSV
added 2022/12/13 4:15 p.m.3 views

CVE-2022-46833

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2022/10/18 9:15 p.m.2 views

CVE-2022-21590

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Core Formatting API. Supported versions that are affected are 5.9.0.0, 6.4.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

7.6CVSS5.8AI score0.00645EPSS
Exploits0References1
OSV
OSV
added 2022/04/19 9:15 p.m.13 views

UBUNTU-CVE-2022-21488

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

3.8CVSS6.5AI score0.00354EPSS
Exploits0References3
OSV
OSV
added 2021/10/23 5:48 p.m.9 views

MGASA-2021-0488 Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 6.1.28 maintenance release that fixes at least the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 contains an easily exploitable vulnerability that allows high privileged attacker with logon to the infrastructure whe...

7.8CVSS6.3AI score0.004EPSS
Exploits0References4
OSV
OSV
added 2020/04/15 2:15 p.m.7 views

UBUNTU-CVE-2020-2913

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

7CVSS7.1AI score0.00385EPSS
Exploits0References3
CVE
CVE
added 2019/10/16 5:40 p.m.81 views

CVE-2019-3028

CVE-2019-3028 affects Oracle VM VirtualBox Core in VirtualBox: versions before 5.2.34 and before 6.0.14 are vulnerable. The issue allows a local, low-privilege attacker with logon to the host environment to compromise/run takeover of VirtualBox (impacting related products). CVSS v3.1 base score 8...

8.8CVSS8.5AI score0.00614EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/07/23 11:15 p.m.6 views

CVE-2019-2858

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware subcomponent: Advanced Console. Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

4.3CVSS6.1AI score0.00859EPSS
Exploits0References1
OSV
OSV
added 2019/01/16 7:30 p.m.4 views

UBUNTU-CVE-2019-2448

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

5.5CVSS6.7AI score0.00518EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/08/16 2:24 p.m.4 views

mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via...

3.5CVSS7.2AI score0.01515EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2018/06/20 3:29 p.m.3 views

CVE-2018-9036

CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged users...

4.8CVSS5.4AI score0.00518EPSS
Exploits0References2
OSV
OSV
added 2017/04/24 7:59 p.m.2 views

CVE-2017-3587

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...

8.4CVSS5.8AI score0.01459EPSS
Exploits0References4
OSV
OSV
added 2017/04/24 7:59 p.m.2 views

CVE-2017-3538

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...

7.5CVSS5.8AI score0.00353EPSS
Exploits1References3
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3551

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Smartcard Libraries. The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...

6.6CVSS5.8AI score0.00394EPSS
Exploits0References3
OSV
OSV
added 2017/01/27 10:59 p.m.3 views

CVE-2017-3242

Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite subcomponent: LDOM Manager. Supported versions that are affected are 3.2 and 3.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM Server...

5.9CVSS7.3AI score0.00351EPSS
Exploits0References2
Rows per page
Query Builder