Lucene search
K

1615 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:5 a.m.6 views

CVE-2011-0825

Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect confidentiality, integrity, and availability, related to Enterprise Infrastructure SEC...

6.8CVSS6.5AI score0.0115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:4 a.m.8 views

CVE-2011-0836

Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC...

3.5CVSS6AI score0.03403EPSS
Exploits1References1
Circl
Circl
added 2026/01/08 3:6 p.m.4 views

CVE-2025-53477

creationtimestamp| type| source ---|---|--- 2026-01-08 15:06:32+00:00| seen| https://seclists.org/oss-sec/2026/q1/41 2026-01-08 16:33:55+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mbwfwryasz2d 2026-01-10 12:29:41+00:00| seen|...

7.5CVSS5.8AI score0.00696EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992739 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - don't sleep when in softirq When kunpeng920 encryption driver is used to...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References4
Hacker One
Hacker One
added 2025/12/22 5:49 a.m.19 views

curl: libcurl WebSocket handshake accepts any Sec-WebSocket-Accept

Summary: libcurl upgrades to WebSocket without validating Sec-WebSocket-Accept, allowing a spoofed 101 response to complete the handshake and inject frames; AI assistance was used to draft this report. Steps to Reproduce: 1. Clone and build curl from source: git clone --depth=1...

7.2AI score
Exploits0
Circl
Circl
added 2025/12/15 7:35 p.m.7 views

CVE-2025-67899

creationtimestamp| type| source ---|---|--- 2025-12-15 19:35:51+00:00| seen| https://seclists.org/oss-sec/2025/q4/277 2025-12-20 02:01:34+00:00| seen| https://bsky.app/profile/slackers.it/post/3maf4d6dt3p2l 2025-12-21 10:46:14+00:00| seen|...

2.9CVSS5.5AI score0.0012EPSS
Exploits0References3
Circl
Circl
added 2025/12/02 8:59 p.m.4 views

CVE-2025-66476

creationtimestamp| type| source ---|---|--- 2025-12-02 20:59:19+00:00| seen| https://seclists.org/oss-sec/2025/q4/228 2025-12-03 00:35:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m727kyx2gv2a 2025-12-04 02:30:25+00:00| seen|...

7.8CVSS7.7AI score0.00439EPSS
Exploits0References5
CVE
CVE
added 2025/12/01 10:13 p.m.15 views

CVE-2025-66313

ChurchCRM versions 6.2.0 and earlier are vulnerable to a time-based blind SQL injection in the 1FieldSec parameter. Injecting SLEEP() triggers deterministic server-side delays, showing the value is embedded in a SQL query without proper parameterization. In the affected versions, this can enable ...

7.2CVSS7.5AI score0.0035EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/11/18 3:26 a.m.14 views

CVE-2025-52578

CVE-2025-52578 describes an incorrect usage of seeds in a pseudo-random number generator (PRNG) affecting Gallagher Command Centre Server. The issue allows a sophisticated attacker with physical access to compromise internal device communications. Affected versions include 9.30 before vCR9.30.251...

5.7CVSS6.3AI score0.0013EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/18 3:26 a.m.2 views

CVE-2025-52578

Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...

5.7CVSS6.3AI score0.0013EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.5 views

PT-2025-47241

Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...

5.7CVSS6.7AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2025/10/21 8:20 p.m.7 views

CVE-2025-53060

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.1CVSS0.00213EPSS
Exploits0References1
Circl
Circl
added 2025/10/14 2:17 p.m.6 views

CVE-2024-44088

creationtimestamp| type| source ---|---|--- 2025-10-14 14:17:27+00:00| seen| https://seclists.org/oss-sec/2025/q4/36...

6.1CVSS4.8AI score0.00628EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 8:35 a.m.14 views

CVE-2025-41699

Phoenix Contact CHARX SEC-3xxx charging controllers are affected by CVE-2025-41699. The vulnerability is a code injection (CWE-94) that an attacker with a low-privileged remote account for the Web-based management can exploit to change system configuration and perform a root command injection, co...

8.8CVSS7.3AI score0.00881EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 8:35 a.m.9 views

CVE-2025-41699 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers

An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code 'Code Injection'...

8.8CVSS0.00881EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.6 views

Phoenix Contact CHARX SEC-3150 代码注入漏洞

The Phoenix Contact CHARX SEC-3150 is an AC charge controller from Phoenix Contact, Germany. The Phoenix Contact CHARX SEC-3150 suffers from a code injection vulnerability that originates from a low-privileged remote attacker who can perform command injection by changing the system configuration...

8.8CVSS8.8AI score0.00881EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-0458

Malware in sbrugna...

7.3CVSS7.5AI score0.03338EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-0457

Malware in sbrugna...

7.1CVSS7.4AI score0.02941EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-18745

Malware in sbrugna...

6.1CVSS6.3AI score0.00641EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0968

Malware in sbrugna...

5.3CVSS6.4AI score0.02821EPSS
Exploits1References10
Rows per page
Query Builder