Lucene search
K

5360 matches found

OSV
OSV
added 2026/05/06 2:41 p.m.9 views

BIT-JAVA-MIN-2020-14792

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS6.7AI score0.02203EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37709

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated...

7.5CVSS5.8AI score0.04008EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37678

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

5.8CVSS6.7AI score0.02203EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Important: gimp

Issue Overview: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS7.9AI score0.00755EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2026/04/27 12:0 a.m.11 views

Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.11 views

CVE-2026-35252

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware component: C Oracle SSL API. Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

6.4CVSS0.00159EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.5 views

CVE-2026-34274

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successf...

6.1CVSS0.00179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 8:35 p.m.3 views

CVE-2026-34284

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.9 views

PT-2026-34146

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker...

6.8CVSS5.8AI score0.0011EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34069

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise XML Database. Successful attacks require human interaction...

5.3CVSS5.7AI score0.00227EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.13 views

Microsoft Qlib fit Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Qlib. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fit function. T...

7.8CVSS6.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/14 10:58 p.m.3 views

CVE-2026-27298

Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

7.8CVSS6.3AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 10:58 p.m.21 views

CVE-2026-27301

Adobe Framemaker 2022.8 and earlier is affected by a heap-based buffer overflow that can disclose memory contents. Exploitation requires user interaction: the victim must open a malicious file. CVSS v3.1 indicates LOCAL attack vector, LOW attack complexity, NONE privileges, and UI:R with CONFIDEN...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/14 10:58 p.m.14 views

CVE-2026-27299

CVE-2026-27299 affects Adobe FrameMaker 2022.8 and earlier and is caused by improper input validation that can lead to arbitrary file system read. The vulnerability requires a user to open a malicious file, enabling an attacker to access sensitive data on the local system. The CVSSv3.1 base score...

6.3CVSS5.9AI score0.00155EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 7:44 p.m.3 views

CVE-2026-27310 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 7:44 p.m.3 views

CVE-2026-27313 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 7:16 p.m.10 views

CVE-2026-34623

Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of thi...

5.4CVSS0.00157EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/14 6:30 p.m.5 views

EUVD-2026-22434

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.4 views

EUVD-2026-22337

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of...

6.3CVSS5.9AI score0.00337EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2026-22436

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References2
Rows per page
Query Builder