Lucene search
K

107 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:41 p.m.15 views

CVE-2022-21439

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

4.2CVSS5.5AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 p.m.8 views

CVE-2022-21627

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

4.4CVSS5.7AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:22 p.m.6 views

CVE-2022-21298

Vulnerability in the Oracle Solaris product of Oracle Systems component: Install. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

3.9CVSS5.7AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.5 views

CVE-2021-2475

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

4.4CVSS5.7AI score0.00383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:18 p.m.11 views

CVE-2021-2324

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Loans And Deposits. Supported versions that are affected are 12.0-12.4, 14.0-14.4 and . Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

4.9CVSS5.7AI score0.00504EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 p.m.9 views

CVE-2021-26995

E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code...

8.8CVSS7.5AI score0.01213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:53 a.m.13 views

CVE-2017-9448

Cross-site scripting XSS vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter. This issue exists in core\admin\ajax\pages\save-revision.php and core\admin\modules\pages\revisions.php. Low-privileged...

5.4CVSS5.8AI score0.00592EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.3 views

PT-2025-29667

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.1.10 Description An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Successful attacks can result in a takeover of Oracle VM VirtualBox. Attacks may...

8.2CVSS7.4AI score0.00233EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/04/30 11:35 a.m.8 views

CVE-2025-24345

A vulnerability in the “Hosts” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the “hosts” file in an unintended manner via a crafted HTTP request...

6.3CVSS6.8AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/17 9:16 p.m.16 views

CVE-2025-30712

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

8.1CVSS7AI score0.00541EPSS
Exploits1References1
NVD
NVD
added 2025/04/15 9:15 p.m.14 views

CVE-2025-30703

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

2.7CVSS0.00485EPSS
Exploits0References2
Amd
Amd
added 2025/03/05 12:0 a.m.40 views

AMD CPU Microcode Signature Verification Vulnerability

AMD ID: AMD-SB-7033 Potential Impact: Loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment Severity: Medium Summary Researchers from Google®have provided AMD with a report titled “AM...

6.4CVSS7.2AI score0.00097EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2025/02/24 12:0 a.m.27 views

Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability

Oracle Agile Product Lifecycle Management PLM contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the system...

8.8CVSS6.5AI score0.03405EPSS
In wildExploits0
NVD
NVD
added 2025/02/20 12:15 p.m.10 views

CVE-2025-21106

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system...

5.5CVSS0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/14 3:7 p.m.12 views

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

4.3CVSS6.8AI score0.00275EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/11 5:37 p.m.13 views

CVE-2025-24420 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to modify select data. Exploitation of this...

4.3CVSS5.2AI score0.00536EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/07 6:4 p.m.9 views

CVE-2025-20904

Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption...

6.7CVSS6.5AI score0.00154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:46 p.m.14 views

CVE-2020-14713

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

7.5CVSS6.4AI score0.00372EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 2:15 p.m.11 views

CVE-2020-2802

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM component: GraalVM Compiler. Supported versions that are affected are 19.3.1 and 20.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle...

7.7CVSS6.6AI score0.01318EPSS
Exploits0
CVE
CVE
added 2025/02/04 7:19 a.m.81 views

CVE-2025-20886

CVE-2025-20886 concerns Samsung Mobile devices where the issue resides in the softsim trustlet due to sensitive information being included in test code prior to the SMR January 2025 Release 1. The documented impact is that local privileged attackers can obtain the test key. Public technical detai...

4.4CVSS4.2AI score0.0013EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder