Lucene search
+L

8 matches found

osv
osv
added 2026/05/06 8:16 a.m.7 views

DEBIAN-CVE-2026-23927

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS5.8AI score0.00229EPSS
Exploits0References1
nvd
nvd
added 2026/05/06 8:16 a.m.11 views

CVE-2026-23927

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS0.00229EPSS
Exploits0References1
euvd
euvd
added 2026/05/06 6:59 a.m.10 views

EUVD-2026-27528

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS5.8AI score0.00229EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/06 6:59 a.m.9 views

CVE-2026-23927

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS5.8AI score0.00229EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/05/06 6:59 a.m.29 views

CVE-2026-23927 Agent 2 Oracle plugin TNS connection string injection via the 'service' parameter

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS0.00229EPSS
Exploits0References1
cve
cve
added 2026/05/06 6:59 a.m.35 views

CVE-2026-23927

The CVE-2026-23927 entry describes a vulnerability in the Agent 2 Oracle plugin where an authenticated user who can connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can cause Agent 2 to connect to an attacker-controlled server and may leak Oracle dat...

5CVSS5.8AI score0.00229EPSS
Exploits0References1
debiancve
debiancve
added 2026/05/06 6:59 a.m.10 views

CVE-2026-23927

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS5.8AI score0.00229EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.20 views

PT-2026-37345

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS5.8AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder