Lucene search
+L

317 matches found

RedhatCVE
RedhatCVE
added 2026/04/21 1:22 a.m.9 views

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.11 views

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. There is a security vulnerability in Oracle MySQL Server, which stems from issues with the Server: Group Replication Plugin component. This vulnerability may allow attackers with low privileges to acce...

6.5CVSS7.2AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.14 views

Oracle Financial Services Analytical Applications Infrastructure 安全漏洞

Oracle Financial Services Analytical Applications Infrastructure is a financial data analysis and modeling platform developed by Oracle Corporation. There is a security vulnerability in Oracle Financial Services Analytical Applications Infrastructure, which stems from issues with the Platform...

6.5CVSS7.2AI score0.00291EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.13 views

Oracle Agile Product Lifecycle Management for Process 安全漏洞

Oracle Agile Product Lifecycle Management for Process is a product lifecycle management system designed for the process industry by Oracle Corporation. Version 6.2.4 of Oracle Agile Product Lifecycle Management for Process contains a security vulnerability. This vulnerability stems from issues wi...

4.3CVSS7.2AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.16 views

Oracle PeopleSoft Enterprise HCM Shared Components 安全漏洞

Oracle PeopleSoft Enterprise HCM Shared Components is a set of common component modules for human resources systems developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise HCM Shared Components contains a security vulnerability. This vulnerability stems from issues with the...

5.4CVSS7.2AI score0.00152EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-34124

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

6.5CVSS5.7AI score0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.13 views

PT-2026-34146

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker...

6.8CVSS5.8AI score0.0011EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/20 12:0 a.m.5 views

CVE-2026-29647

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

5.8AI score0.00231EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.10 views

PT-2026-33840

In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially enabling cross-context information leakage or disruption of interrupt handling...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.12 views

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability, which stems from insufficient Smstateen permissions. This vulnerability may allow low-privilege code access to IMSIC state, potentially leading to cross-context information leaks or...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.10 views

Malwarebytes Anti-Malware Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Anti-Malware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.15 views

PT-2026-32570

During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...

6.5CVSS5.8AI score0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/11 12:14 a.m.30 views

CVE-2026-5055 NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS0.00214EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.10 views

Juju 安全漏洞

Juju is a open-source application orchestration engine developed by Canonical Juju. Vulnerabilities existed in versions prior to Juju 2.9.57 and 3.6.21. These vulnerabilities were due to authorization issues, which could allow low-privilege users to access sensitive credentials...

9.9CVSS5.8AI score0.00445EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.11 views

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, a US-based company. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interfaces...

6.8CVSS5.8AI score0.00092EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

OrangeHRM 安全漏洞

OrangeHRM is a human resources management system developed by the American company OrangeHRM. This system supports functions such as personnel information management, leave management, attendance management, and recruitment management. Versions of OrangeHRM prior to 5.8 contained security...

5.3CVSS5.8AI score0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/04/01 10:7 a.m.16 views

CVE-2026-24096

CVE-2026-24096 affects Checkmk and stems from insufficient permission validation on multiple REST API Quick Setup endpoints. The vulnerability allows low-privileged users to perform unauthorized actions or obtain sensitive information in Checkmk 2.5.0 (beta) before 2.5.0b2 and 2.4.0 before 2.4.0p...

8.8CVSS5.9AI score0.00236EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.8 views

NoMachine External Control of File Path Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of command li...

7.8CVSS6.2AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.6 views

CVE-2026-23814

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...

8.8CVSS5.9AI score0.0055EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 4:53 p.m.5 views

EUVD-2026-14936

Craft CMS: Low-privilege users could read private asset contents when editing an asset IDOR...

7.1CVSS5.8AI score0.00353EPSS
Exploits0References4
Rows per page
Query Builder