Lucene search
250 matches found

Tenable Nessus
added 2026/06/23 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-49460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...

CVSS 5.1 | AI score 5.8 | EPSS 0.00117
Exploits: 0 | References: 3
OSV
added 2026/06/22 9:16 p.m. | 4 views

DEBIAN-CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

CVSS 3.3 | AI score 5.8 | EPSS 0.00117
Exploits: 0 | References: 1
CVE
added 2026/06/22 8:28 p.m. | 15 views

CVE-2026-49460

CVE-2026-49460 affects the Python PDF library pypdf. Prior to version 6.12.2, processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2. Impact, in line with the sources, is a denial of service-like slow...

CVSS 5.1 | AI score 5.8 | EPSS 0.00117
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2026/06/22 8:27 p.m. | 24 views

CVE-2026-49461 pypdf: Possible large memory usage for form XObjects during text extraction

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12....

CVSS 6.9 | EPSS 0.00123
Exploits: 0 | References: 3
NVD
added 2026/06/17 10:54 a.m. | 8 views

CVE-2026-46969

Vulnerability in the Oracle Financials for EMEA product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Financials...

CVSS 7.2 | EPSS 0.00453
Exploits: 0 | References: 1
NVD
added 2026/06/17 10:54 a.m. | 5 views

CVE-2026-46916

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite component: Quality Management Specs. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVSS 8.8 | EPSS 0.00301
Exploits: 0 | References: 1
NVD
added 2026/06/17 10:53 a.m. | 8 views

CVE-2026-46812

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Authentication Engine. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 6.1 | EPSS 0.00245
Exploits: 0 | References: 1
NVD
added 2026/06/17 10:40 a.m. | 10 views

CVE-2026-35265

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager. Successfu...

CVSS 8.8 | EPSS 0.00432
Exploits: 0 | References: 1
Snyk
added 2026/06/16 1:47 p.m. | 9 views

Allocation of Resources Without Limits or Throttling

Overview: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the text extraction when handling form XObjects with self-references. An...

CVSS 6.9 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 2
Github Security Blog
added 2026/06/16 1:46 p.m. | 7 views

pypdf: Inefficient decoding of FlateDecode PNG predictor streams

Impact: An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. Patches: This has been fixed in pypdf==6.12.2. Workarounds: If you cannot upgrade yet, consider applying the changes...

CVSS 5.1 | AI score 5.2 | EPSS 0.00117
Exploits: 0 | References: 4 | Affected Software: 1
Positive Technologies
added 2026/06/16 12:0 a.m. | 14 views

PT-2026-49907

Name of the Vulnerable Software and Affected Versions: Oracle Unified Directory versions 12.2.1.4.0; Oracle Unified Directory versions 14.1.2.1.0. Description: An issue in the OUD Core component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via LDAP Lightweight...

CVSS 9.8 | AI score 5.8 | EPSS 0.00518
Exploits: 0 | References: 5
Positive Technologies
added 2026/06/16 12:0 a.m. | 12 views

PT-2026-50062

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite Oracle Universal Work Queue versions 12.2.3 through 12.2.15. Description: An issue exists in the Work Provider Site Level Administration component of the Oracle Universal Work Queue. A low privileged attacker with network...

CVSS 9.9 | AI score 5.9 | EPSS 0.00402
Exploits: 0 | References: 3
Positive Technologies
added 2026/06/16 12:0 a.m. | 16 views

PT-2026-50041

Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite Oracle Cost Management versions 12.2.3 through 12.2.15. Description: An issue exists in the Cost Planning component of the Oracle Cost Management product. A high privileged attacker with network access via HTTP can exploi...

CVSS 7.2 | AI score 5.8 | EPSS 0.00453
Exploits: 0 | References: 3
Positive Technologies
added 2026/06/16 12:0 a.m. | 13 views

PT-2026-49908

Name of the Vulnerable Software and Affected Versions: Oracle Unified Directory version 12.2.1.4.0; Oracle Unified Directory version 14.1.2.1.0. Description: An issue exists in the OUD Core component of the Oracle Unified Directory product of Oracle Fusion Middleware. An unauthenticated attacker with...

CVSS 9.8 | AI score 5.8 | EPSS 0.00518
Exploits: 0 | References: 5
CNNVD
added 2026/06/10 12:0 a.m. | 14 views

NSA Ghidra path traversal vulnerability

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency of the United States. Prior to version 12.2 of NSA Ghidra, there was a path traversal vulnerability. This vulnerability stemmed from IsfServer not verifying the namespace strin...

CVSS 6.5 | AI score 5.4 | EPSS 0.00457
Exploits: 1 | References: 1
RedhatCVE
added 2026/06/05 7:38 p.m. | 9 views

CVE-2026-34302

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. While the...

CVSS 5.5 | AI score 7.3 | EPSS 0.00241
Exploits: 0 | References: 1
RedhatCVE
added 2026/06/05 7:15 p.m. | 8 views

CVE-2026-46837

Vulnerability in the Oracle Flow Manufacturing product of Oracle E-Business Suite component: Security. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via SQL to compromise Oracle Flow Manufacturing...

CVSS 8.8 | AI score 5.6 | EPSS 0.00268
Exploits: 0 | References: 1
NVD
added 2026/05/28 9:16 p.m. | 18 views

CVE-2026-46837

Vulnerability in the Oracle Flow Manufacturing product of Oracle E-Business Suite component: Security. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via SQL to compromise Oracle Flow Manufacturing...

CVSS 8.8 | EPSS 0.00268
Exploits: 0 | References: 1
NVD
added 2026/05/28 9:16 p.m. | 12 views

CVE-2026-46823

Vulnerability in the Oracle Public Sector Financials International product of Oracle E-Business Suite component: Authorization. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Orac...

CVSS 7.7 | EPSS 0.00211
Exploits: 0 | References: 1
ATTACKERKB
added 2026/05/28 8:17 p.m. | 8 views

CVE-2026-46824

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

CVSS 9.9 | AI score 5.8 | EPSS 0.00264
Exploits: 0 | Affected Software: 1