Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

332 matches found

Tenable Nessus
Tenable Nessusadded 4 days ago5 views

Oracle Enterprise Manager Cloud Control (June 2026 CSPU)

The 13.5 and 24.1 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Target...

9.9CVSS6.7AI score0.0086EPSS
Exploits1References22
NVD
NVDadded 6 days ago4 views

CVE-2026-46920

Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM component: Siebel Cloud Manager. Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud...

8.1CVSS0.00366EPSS
Exploits0References1
NVD
NVDadded 6 days ago4 views

CVE-2026-46870

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell for VS Code. The supported version that is affected is 2026.2.0+9.6.1. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Shell. While the...

8.5CVSS0.00301EPSS
Exploits0References1
NVD
NVDadded 6 days ago7 views

CVE-2026-46859

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: Security. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this...

9.8CVSS0.00508EPSS
Exploits0References1
NVD
NVDadded 6 days ago5 views

CVE-2026-46800

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

10CVSS0.00483EPSS
Exploits0References1
NVD
NVDadded 6 days ago4 views

CVE-2026-35315

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVDadded 6 days ago5 views

CVE-2026-35301

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server. While the...

10CVSS0.00473EPSS
Exploits0References1
NVD
NVDadded 6 days ago7 views

CVE-2026-35263

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server. While the...

9.9CVSS0.00323EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.6 views

PT-2026-49855

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware component: Client Bundle. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via T3, IIOP to compromise...

9.9CVSS5.3AI score0.00389EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.10 views

PT-2026-49846

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Content version 12.2.1.4.0 Oracle WebCenter Content version 14.1.2.0.0 Description An issue exists in the Content Server component of the Oracle WebCenter Content product within Oracle Fusion Middleware. A high privileged...

9.1CVSS5.8AI score0.00486EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.16 views

PT-2026-49916

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebCenter Content: Imaging version 12.2.1.4.0 Oracle Fusion Middleware WebCenter Content: Imaging version 14.1.2.0.0 Description An issue in the Core component of WebCenter Content: Imaging allows an unauthenticated...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.11 views

PT-2026-50053

Vulnerability in the Oracle HRMS UK product of Oracle E-Business Suite component: UK Payroll. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HRMS UK. Successful attacks of...

7.2CVSS5.2AI score0.00453EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.8 views

PT-2026-49983

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Deployment Library component of the Oracle Enterprise Manager Base Platform. A high privileged attacke...

9.1CVSS5.8AI score0.00453EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.9 views

PT-2026-49985

Name of the Vulnerable Software and Affected Versions JD Edwards EnterpriseOne Tools versions 9.2.0.0 through 9.2.26.2 Description An issue exists in the Enterprise Infrastructure Security component of Oracle JD Edwards. An unauthenticated attacker with network access via JDENET can compromise th...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.6 views

PT-2026-49996

Name of the Vulnerable Software and Affected Versions Oracle Siebel CRM Siebel Apps - Marketing versions 17.0 through 26.5 Description An issue in the Marketing component of Oracle Siebel CRM allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References3
NVD
NVDadded 2026/06/12 4:16 p.m.7 views

CVE-2026-50083

The Aqara IAM/SSO Gateway gw-builder.aqara.com used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1 Critical. When combined with CVE-2026-50082, CVE-50084, a...

9.1CVSS0.00246EPSS
Exploits0References2
NVD
NVDadded 2026/06/12 4:16 p.m.18 views

CVE-2026-50084

The Aqara Cloud Production API open-cn.aqara.com/v3.0/open/api would authorize any valid developer token for access to any account. This is an instance of "CWE-862: Missing Authorization" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N 9.6 Critical. When combined with...

9.6CVSS0.00213EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/12 3:1 p.m.9 views

EUVD-2026-36475

The Aqara Board service op-test.aqara.com accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and has an estimated CVSS...

8.6CVSS5.5AI score0.00263EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/12 3:1 p.m.10 views

CVE-2026-50085 Aqara Board IoT insecure debug API

The Aqara Board service op-test.aqara.com accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and has an estimated CVSS...

8.6CVSS5.6AI score0.00263EPSS
Exploits0References2
CVE
CVEadded 2026/06/12 3:1 p.m.12 views

CVE-2026-50085

The CVE-2026-50085 entry concerns the Aqara Board IoT service (op-test.aqara.com). It accepts arbitrary MQTT command payloads and forwards them to the HiveMQ broker without authentication (CWE-306: Missing Authentication for Critical Function). CVSS v3.1 base score 8.6 (High): Network access, no ...

8.6CVSS5.6AI score0.00263EPSS
Exploits0References2
Rows per page
Query Builder