Lucene search

322 matches found

RedhatCVE
added 2025/05/22 10:22 p.m. | 5 views

CVE-2022-21475

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking...

5.9 CVSS | 6.4 AI score | 0.00592 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 9:0 p.m. | 4 views

CVE-2021-2386

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 20.12.0-20.12.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

4.3 CVSS | 4.9 AI score | 0.00662 EPSS
Exploits 0 | References 1

OSV
added 2025/05/07 6:15 p.m. | 6 views

CVE-2025-20214

A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior caus...

4.3 CVSS | 5.8 AI score | 0.00275 EPSS
Exploits 0 | References 1

OSV
added 2025/05/07 6:15 p.m. | 5 views

CVE-2025-20200

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...

8.2 CVSS | 5.8 AI score | 0.00145 EPSS
Exploits 0 | References 1

ATTACKERKB
added 2025/05/07 6:15 p.m. | 6 views

CVE-2025-20198

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...

8.2 CVSS | 5.8 AI score | 0.00141 EPSS
Exploits 0 | References 2 | Affected Software 1

ATTACKERKB
added 2025/05/07 6:15 p.m. | 5 views

CVE-2025-20186

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...

8.8 CVSS | 7 AI score | 0.01159 EPSS
Exploits 0 | References 2 | Affected Software 1

CVE
added 2025/05/07 5:35 p.m. | 110 views

CVE-2025-20181

CVE-2025-20181 affects Cisco IOS Software on Catalyst 2960X/2960XR/2960CX/3560CX switches. Root cause: missing signature verification for files loaded during boot, enabling an attacker with physical access or a privileged user to execute persistent code at boot and break the chain of trust. Affec...

6.8 CVSS | 7 AI score | 0.00159 EPSS
Exploits 0 | References 1 | Affected Software 1

NVD
added 2025/03/04 6:15 a.m. | 12 views

CVE-2025-0360

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API...

7.8 CVSS | 0.00137 EPSS
Exploits 0 | References 1

Vulnrichment
added 2025/03/04 5:24 a.m. | 7 views

CVE-2025-0360

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API...

7.8 CVSS | 7.6 AI score | 0.00137 EPSS
Exploits 0 | References 1

CNNVD
added 2025/03/04 12:0 a.m. | 3 views

AXIS OS Security Vulnerability

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from an incorrect user privilege level...

7.8 CVSS | 6.9 AI score | 0.00137 EPSS
Exploits 0 | References 3

OSV
added 2025/03/03 8:15 p.m. | 6 views

CVE-2024-51953

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

4.8 CVSS | 6 AI score | 0.00245 EPSS
Exploits 0 | References 1

CNNVD
added 2025/02/11 12:0 a.m. | 6 views

Siemens APOGEE Series Buffer Error Vulnerability

Siemens APOGEE Series is a family of building automation and control systems from Siemens, Germany. A buffer error vulnerability exists in the Siemens APOGEE Series, which stems from an out-of-bounds read issue in the memory dump function of the affected device. This could allow an attacker with...

6 CVSS | 6.6 AI score | 0.00402 EPSS
Exploits 0 | References 1

Positive Technologies
added 2025/01/01 12:0 a.m. | 3 views

PT-2025-36310

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the get user function related to user read access. Due to the implementation of read access support, read access interruptions are not triggered at...

5.5 CVSS | 6.2 AI score | 0.00136 EPSS
Exploits 0

CNNVD
added 2024/12/11 12:0 a.m. | 2 views

GLPI Access Control Error Vulnerability

GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

8.8 CVSS | 4.6 AI score | 0.00434 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2024/12/04 12:0 a.m. | 7 views

Cisco NX-OS Command Injection (CVE-2017-12339)

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacker could exploit this vulnerability by injecting...

5.7 CVSS | 6.2 AI score | 0.007 EPSS
Exploits 0 | References 7

NVD
added 2024/11/22 8:15 p.m. | 45 views

CVE-2023-52333

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

9.8 CVSS | 0.01854 EPSS
Exploits 0 | References 2

NVD
added 2024/11/22 8:15 p.m. | 52 views

CVE-2023-51648

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

7.5 CVSS | 0.01904 EPSS
Exploits 0 | References 2

NVD
added 2024/11/22 8:15 p.m. | 12 views

CVE-2023-51642

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

9.8 CVSS | 0.01259 EPSS
Exploits 0 | References 2

NVD
added 2024/11/22 8:15 p.m. | 21 views

CVE-2023-51641

Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

9.8 CVSS | 0.01259 EPSS
Exploits 0 | References 2

Vulnrichment
added 2024/11/22 8:5 p.m. | 12 views

CVE-2023-52334 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability

Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

7.5 CVSS | 7.3 AI score | 0.01904 EPSS
Exploits 0 | References 2