Lucene search
K

33 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.7 views

Oracle Enterprise Manager Cloud Control (June 2026 CSPU)

The 13.5 and 24.1 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Target...

9.9CVSS6.7AI score0.0086EPSS
Exploits1References22
NVD
NVD
added 2026/06/17 10:54 a.m.6 views

CVE-2026-46855

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

9.9CVSS0.00441EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46853

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

9.6CVSS0.00483EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-49960

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...

9.9CVSS5.8AI score0.00432EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49961

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. An unauthenticated attacker...

9.6CVSS5.8AI score0.00483EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.27 views

PT-2026-49964

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. An unauthenticated attacker...

9.6CVSS5.8AI score0.00473EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-49963

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...

9.9CVSS5.8AI score0.00441EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.12 views

CVE-2026-29080

A SQL injection vulnerability in FilterEngine.createsqlaquery allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint GET /dids//dids/search. On Oracle deployments attacker-controlled filter keys and values are interpolated directl...

9.4CVSS6AI score0.00281EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 4:44 p.m.5 views

CVE-2026-29080

A SQL injection vulnerability in FilterEngine.createsqlaquery allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint GET /dids//dids/search. On Oracle deployments attacker-controlled filter keys and values are interpolated directl...

9.4CVSS6AI score0.00281EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/06 4:44 p.m.4 views

GHSA-6J7P-QJHG-9947 Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API

Summary A SQL injection vulnerability in FilterEngine.createpostgresquery allows any authenticated Rucio user to execute arbitrary SQL against the configured PostgreSQL metadata database through the DID search endpoint GET /dids//dids/search. When the external metadata plugin postgresmeta is...

9.9CVSS6.7AI score0.00301EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/06 4:42 p.m.10 views

Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API

Summary A SQL injection vulnerability in the Oracle path of FilterEngine.createsqlaquery allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint GET /dids//dids/search. Attacker-controlled filter keys and values are interpolated...

9.4CVSS6.5AI score0.00281EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-6289

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00533EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-16852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itsel...

8.1CVSS7.5AI score0.01105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:4 p.m.5 views

CVE-2022-34190

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.1 and earlier does not escape the name and description of List maven artifact versions parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure...

5.4CVSS5.5AI score0.00602EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 p.m.8 views

CVE-2022-36905

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.5AI score0.00533EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.6 views

The vulnerability of the Jenkins Maven Metadata Plugin, which exists due to the lack of protective measures for website structure, allows attackers to execute XSS attacks.

The vulnerability of the Jenkins Maven Metadata Plugin exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.8AI score0.00533EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/28 12:0 a.m.18 views

GHSA-8294-MV9C-7M5H Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin

Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

8CVSS5.5AI score0.00533EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.1 views

CVE-2022-36905

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.6AI score0.00533EPSS
Exploits0References3
NVD
NVD
added 2022/07/27 3:15 p.m.8 views

CVE-2022-36905

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00533EPSS
Exploits0References2
OSV
OSV
added 2022/07/27 3:15 p.m.4 views

CVE-2022-36905

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.7AI score0.00533EPSS
Exploits0References2
Rows per page
Query Builder