Lucene search
K

54 matches found

NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46973

Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.9 views

CVE-2026-46772

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where...

4.7CVSS0.00137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-50059

Name of the Vulnerable Software and Affected Versions Oracle Project Portfolio Analysis versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Project Portfolio Analysis product within Oracle E-Business Suite. A high privileged attacker with...

7.2CVSS5.8AI score0.00453EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.11 views

CVE-2026-46822

Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iAssets. While the...

9.9CVSS5.4AI score0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 8:17 p.m.9 views

EUVD-2026-33043

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.5CVSS5.8AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 8:54 a.m.5 views

BIT-PILLOW-2026-42310 Pillow: PDF Parsing Trailer Infinite Loop (DoS)

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References5
OSV
OSV
added 2026/05/09 6:16 a.m.7 views

PYSEC-2026-165

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

5.5CVSS7.1AI score0.00114EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/09 6:16 a.m.12 views

CVE-2026-42308

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/09 6:16 a.m.8 views

CVE-2026-42310

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/09 4:11 a.m.5 views

CVE-2026-42311

Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...

8.6CVSS6AI score0.0015EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.4 views

CVE-2026-34294

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...

5.9CVSS5.7AI score0.00175EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.11 views

mitmproxy 注入漏洞

Mitmproxy is an interactive, open-source intercepting proxy that supports SSL/TLS. It comes with a console interface for HTTP/1, HTTP/2, and WebSockets. Versions of Mitmproxy prior to 12.2.1 have a vulnerability due to improper cleanup of usernames during LDAP proxy authentication, which could...

4.8CVSS5.8AI score0.00166EPSS
Exploits1References2
NVD
NVD
added 2025/10/21 8:20 p.m.12 views

CVE-2025-53071

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Upload Attachments. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

4.3CVSS0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Applications Framework OA Framework, OAF is one of the business development platform...

4.3CVSS6.9AI score0.0022EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:49 p.m.8 views

CVE-2022-22579

An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL file may lead to unexpected application...

9.3CVSS6.3AI score0.01688EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:46 p.m.8 views

CVE-2021-22249

A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private email address of a user invited to a group...

4.3CVSS6.7AI score0.00974EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.9 views

CVE-2019-8504

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory...

5.5CVSS5.2AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:31 a.m.6 views

CVE-2019-8512

This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure...

7.9CVSS5.7AI score0.00684EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.6 views

PT-2025-16426 · Oracle · Oracle E-Business Suite

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.7 through 12.2.14 Description: The issue allows a low-privileged attacker with network access via HTTP to compromise the Oracle iSupplier Portal, resulting in unauthorized access to critical data or...

6.8CVSS7.2AI score0.00478EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.2 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other functions. A security vulnerability exists in Oracle Project Foundation versions...

8.1CVSS8.8AI score0.00539EPSS
Exploits0References2
Rows per page
Query Builder