Lucene search
K

202 matches found

NVD
NVD
added 2025/06/10 11:15 p.m.4 views

CVE-2025-46874

Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 2025/06/09 12:25 p.m.64 views

CVE-2025-40668

CVE-2025-40668 : Affected software is TC MAN’s GIM v11. The vulnerability is an incorrect authorization flaw that lets a low-privilege attacker change other users’ passwords by sending a POST to the endpoint "/PC/WebService.aspx/validateChangePasswordña" with parameters idUser, PasswordActual, Pa...

7.1CVSS6.7AI score0.00233EPSS
Exploits0References1Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/08 12:0 a.m.8 views

Exploiting Inaccurate Branch History in Side-Channel Attacks

Modern out-of-order CPUs heavily rely on speculative execution for performance optimization, with branch prediction serving as a cornerstone to minimize stalls and maximize efficiency. Whenever shared branch prediction resources lack proper isolation and sanitization methods, they may originate...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:46 a.m.8 views

CVE-2024-20462

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:24 a.m.8 views

CVE-2023-21985

Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

7.7CVSS6.7AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.7 views

CVE-2023-29728

The Call Blocker application 6.6.3 for Android allows attackers to tamper with feature-related data, resulting in a severe elevation of privilege attack...

9.8CVSS7AI score0.00583EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:21 a.m.9 views

CVE-2022-21498

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to compromise Java VM...

6.5CVSS6.2AI score0.00692EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:40 p.m.4 views

CVE-2022-21286

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

6.3CVSS5.8AI score0.02686EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.8 views

CVE-2021-37841

Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with...

7.8CVSS7.5AI score0.00732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.10 views

CVE-2020-9127

Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions include:NIP6300...

6.7CVSS7.2AI score0.00383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:13 p.m.4 views

CVE-2020-14715

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle...

4.4CVSS5.7AI score0.00382EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.10 views

CVE-2019-3017

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.2CVSS6.8AI score0.00884EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:14 a.m.7 views

CVE-2019-2936

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Difficult to exploit vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTT...

6.8CVSS6.3AI score0.01341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:49 a.m.6 views

CVE-2019-5246

Smartphones with software of ELLE-AL00B 9.1.0.109C00E106R1P21, 9.1.0.113C00E110R1P21, 9.1.0.125C00E120R1P21, 9.1.0.135C00E130R1P21, 9.1.0.153C00E150R1P21, 9.1.0.155C00E150R1P21, 9.1.0.162C00E160R2P1 have an insufficient verification vulnerability. The system does not verify certain parameters...

6.2CVSS7.2AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.7 views

CVE-2019-5229

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R2P1 have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could...

6.2CVSS7.2AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/17 10:16 p.m.10 views

CVE-2025-21588

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS6AI score0.0076EPSS
Exploits0References4
NVD
NVD
added 2025/04/15 9:16 p.m.11 views

CVE-2025-30715

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS0.00821EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/04/15 8:31 p.m.5 views

CVE-2025-30721

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

4CVSS5.3AI score0.00198EPSS
Exploits0
OSV
OSV
added 2025/04/15 8:30 p.m.8 views

CVE-2025-21585

Bulletin has no description...

4.9CVSS6.3AI score0.0076EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/04/15 8:30 p.m.7 views

CVE-2025-21583

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...

4.9CVSS5.4AI score0.00754EPSS
Exploits0
Rows per page
Query Builder