1949 matches found
CVE-2025-30754
...
CVE-2025-30752
...
CVE-2025-30751
CVE-2025-30751 affects Oracle Database Server (Oracle Database component). Affected supported versions are 19.27 and 23.4–23.8. The flaw enables a low-privileged attacker who has Create Session and Create Procedure privileges with network access via Oracle Net to compromise the database, potentia...
CVE-2025-30750
CVE-2025-30750 affects Oracle Database Server Unified Audit. Affected versions: 19.3–19.27, 21.3–21.18, 23.4–23.8. High-privileged attacker with Create User privilege and network access via Oracle Net can compromise Unified Audit; exploitation requires user interaction and may allow unauthorized ...
CVE-2025-30749
CVE-2025-30749 affects Oracle Java SE, GraalVM for JDK and GraalVM Enterprise Edition (component: 2D, with JSSE/Networking/Scripting as other components) per the provided documents. Affected Oracle Java SE versions include 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; affected GraalVM for ...
CVE-2025-30746
...
CVE-2025-30747
CVE-2025-30747 affects Oracle PeopleSoft PeopleTools (PIA Core Technology). The vulnerability exists in PeopleSoft Enterprise PeopleTools components and impacts versions 8.60, 8.61, and 8.62. An unauthenticated attacker who can reach the service over HTTP can exploit this issue to access data rea...
CVE-2025-30745
Oracle E-Business Suite: Oracle MES for Process Manufacturing (Device Integration) is affected in versions 12.2.12–12.2.13 by a cross-site request forgery vulnerability (CSRF). The issue is exploitable remotely over HTTP; exploitation requires interaction from a user other than the attacker. Succ...
CVE-2025-30747
...
CVE-2025-30746
...
CVE-2025-30744
...
CVE-2025-30739
...
CVE-2025-7026
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values e.g., '$DB$' or '2DB$', the function performs arbitrary...
CVE-2025-7027
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...
BELL-CVE-2025-38290
Bulletin has no description...
BELL-CVE-2025-38282
Bulletin has no description...
CVE-2025-53636 Open OnDemand Shell App closed websocket DoS
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service DoS to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6...
CVE-2025-7028
A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...
CVE-2025-7027
A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...
BELL-CVE-2025-38343
Bulletin has no description...