Lucene search
K

94 matches found

SUSE CVE
SUSE CVE
added 2025/06/06 2:14 a.m.1 views

SUSE CVE-2025-48888

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...

6.9CVSS6.8AI score0.00342EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.7 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to read, update, add, and delete data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to access control errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, update, add, and delete data using the HTTP protocol...

6.4CVSS7.2AI score0.00333EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 12:2 p.m.18 views

CVE-2025-21513

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS6.2AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:38 a.m.7 views

CVE-2025-21508

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.5CVSS6.4AI score0.00661EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:38 a.m.9 views

CVE-2025-21507

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

5.4CVSS6AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.5 views

CVE-2023-22055

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS5.5AI score0.00327EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:50 p.m.9 views

CVE-2022-21630

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS6.3AI score0.00493EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/05 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS7.2AI score0.00293EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/04/15 9:16 p.m.45 views

CVE-2025-30740

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.5CVSS0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 9:16 p.m.6 views

CVE-2025-30740

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 9:16 p.m.4 views

CVE-2025-30709

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.1CVSS7.1AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.5 views

Oracle JD Edwards EnterpriseOne Tools 安全漏洞

Oracle JD Edwards EnterpriseOne Tools is a component for installing, updating, and managing JD Edwards EnterpriseOne applications from Oracle Corporation Oracle. A security vulnerability exists in Oracle JD Edwards EnterpriseOne Tools versions 9.2.0.0 through 9.2.9.2, which stems from improper...

5.4CVSS7.1AI score0.0029EPSS
Exploits0References2
Amazon
Amazon
added 2025/04/01 12:0 a.m.9 views

Medium: containerd

Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...

4.6CVSS5.2AI score0.00275EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/03/17 12:0 a.m.5 views

PT-2025-11557

Name of the Vulnerable Software and Affected Versions containerd versions prior to 1.6.38 containerd versions prior to 1.7.27 containerd versions prior to 2.0.4 Description A bug was found in containerd where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed...

7.8CVSS7.3AI score0.00275EPSS
Exploits1References76
Wiz blog
Wiz blog
added 2025/02/17 12:0 p.m.2 views

The Role of Runtime Security in Cloud Environments

Discover how Wiz's innovative hybrid approach revolutionizes runtime security for the modern cloud era...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.8 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the disclosure of information through incompatibility. Exploitation of this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...

7.8CVSS7.6AI score0.00652EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.7 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information through a specially...

7.8CVSS7.6AI score0.00305EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the lack of authenticity verification for a critical function. Exploitation of this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, a...

9CVSS7.7AI score0.00642EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the use of open redirection. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...

6.4CVSS7.7AI score0.00369EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.8 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain access to read, modify, and delete files...

4.3CVSS7.7AI score0.0039EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder