Lucene search

202 matches found

Positive Technologies
added 2025/04/15 12:0 a.m. · 3 views

PT-2025-16404

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.41; Oracle MySQL versions 8.4.0 through 8.4.4; Oracle MySQL versions 9.0.0 through 9.2.0. Description: The issue allows a high-privileged attacker with network access via multiple protocols to compromise the...

CVSS 7.5 · AI score 5.5 · EPSS 0.01226
Exploits: 2 · References: 311

Positive Technologies
added 2025/04/15 12:0 a.m. · 3 views

PT-2025-16427

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.0 through 8.0.41; MySQL Server versions 8.4.0 through 8.4.4; MySQL Server versions 9.0.0 through 9.2.0. Description: The issue allows a high-privileged attacker with network access via multiple protocols to compromise MyS...

CVSS 7.5 · AI score 5.9 · EPSS 0.01236
Exploits: 2 · References: 245

NVD
added 2025/04/08 8:15 a.m. · 5 views

CVE-2025-30014

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don't have access to, hence causing a high impact on confidentiality. Integrity and Availability are...

CVSS 7.7 · EPSS 0.00737
Exploits: 0 · References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-2692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult ...

CVSS 6.3 · AI score 6.3 · EPSS 0.00501
Exploits: 0 · References: 2

RedhatCVE
added 2025/02/05 11:31 p.m. · 8 views

CVE-2022-41203

In some workflow of SAP BusinessObjects BI Platform Central Management Console and BI LaunchPad, an authenticated attacker with low privileges can intercept a serialized object in the parameters and substitute with another malicious serialized object, which leads to deserialization of untrusted...

CVSS 9.9 · AI score 6.7 · EPSS 0.00924
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 3:56 p.m. · 11 views

CVE-2020-14675

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

CVSS 7.5 · AI score 6.4 · EPSS 0.00411
Exploits: 0

RedhatCVE
added 2025/02/05 3:47 p.m. · 17 views

CVE-2020-14883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

CVSS 9 · AI score 7 · EPSS 0.97929
Exploits: 8

RedhatCVE
added 2025/02/05 11:9 a.m. · 8 views

CVE-2024-21071

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Admin Screens and Grants UI. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Whi...

CVSS 9.1 · AI score 6.9 · EPSS 0.00723
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 1:16 a.m. · 5 views

CVE-2024-20916

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Event Management. The supported version that is affected is 13.5.0.0. Easily exploitable vulnerability allows high privileged attacker with access to the physical communication segment...

CVSS 8.3 · AI score 6.8 · EPSS 0.00344
Exploits: 0 · References: 1

RedhatCVE
added 2025/01/24 12:25 p.m. · 9 views

CVE-2025-21505

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

CVSS 4.9 · AI score 6 · EPSS 0.01025
Exploits: 0 · References: 4

NVD
added 2025/01/21 9:15 p.m. · 5 views

CVE-2025-21505

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

CVSS 4.9 · EPSS 0.01025
Exploits: 0 · References: 2

Debian CVE
added 2025/01/21 8:52 p.m. · 11 views

CVE-2025-21494

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure...

CVSS 4.1 · AI score 6.1 · EPSS 0.00281
Exploits: 0

CNNVD
added 2024/11/12 12:0 a.m. · 4 views

Dell SmartFabric OS10 Security Vulnerability

Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell, U.S.A. Fabric is an open source framework for augmenting human capabilities using artificial intelligence by Daniel Miessler, an individual developer in the U.S.... Dell SmartFabric OS10 has a security vulnerability...

CVSS 7.8 · AI score 6.5 · EPSS 0.00147
Exploits: 0 · References: 1

OSV
added 2024/08/31 8:15 a.m. · 3 views

CVE-2024-39578

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering...

CVSS 6.3 · AI score 5.8 · EPSS 0.00193
Exploits: 0 · References: 1

Positive Technologies
added 2024/07/13 12:0 a.m. · 5 views

PT-2024-33860 · WordPress · User Submitted Posts

Name of the Vulnerable Software and Affected Versions: User Submitted Posts WordPress plugin versions prior to 20240516 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for...

CVSS 4.8 · AI score 5.4 · EPSS 0.00423
Exploits: 1 · References: 5

OSV
added 2024/06/13 3:15 p.m. · 5 views

CVE-2024-28965

Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the SCG exposed for an internal enable REST API if enabled by Admin user from UI. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain Internal...

CVSS 5.4 · AI score 5.9 · EPSS 0.00349
Exploits: 0 · References: 1

OSV
added 2024/04/16 10:15 p.m. · 3 views

CVE-2024-21116

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

CVSS 7.8 · AI score 7.1 · EPSS 0.004
Exploits: 0 · References: 1

OSV
added 2024/04/16 10:15 p.m. · 11 views

CVE-2024-21062

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 4.9 · AI score 4.8
Exploits: 0 · References: 2

OSV
added 2024/04/16 10:15 p.m. · 8 views

CVE-2024-21013

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVSS 4.4 · AI score 4.1
Exploits: 0 · References: 2

OSV
added 2024/04/12 3:15 p.m. · 4 views

CVE-2024-21610

An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled CoS scenario with 1000s of interfaces, when...

CVSS 4.3 · AI score 5.8 · EPSS 0.00478
Exploits: 0 · References: 2