Lucene search
K

1949 matches found

Vulnrichment
Vulnrichment
added 2025/07/15 7:27 p.m.2 views

CVE-2025-30754

...

4.8CVSS7.5AI score0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/15 7:27 p.m.27 views

CVE-2025-30752

...

3.7CVSS0.0057EPSS
Exploits0References1
CVE
CVE
added 2025/07/15 7:27 p.m.54 views

CVE-2025-30751

CVE-2025-30751 affects Oracle Database Server (Oracle Database component). Affected supported versions are 19.27 and 23.4–23.8. The flaw enables a low-privileged attacker who has Create Session and Create Procedure privileges with network access via Oracle Net to compromise the database, potentia...

8.8CVSS7.5AI score0.0033EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/07/15 7:27 p.m.25 views

CVE-2025-30750

CVE-2025-30750 affects Oracle Database Server Unified Audit. Affected versions: 19.3–19.27, 21.3–21.18, 23.4–23.8. High-privileged attacker with Create User privilege and network access via Oracle Net can compromise Unified Audit; exploitation requires user interaction and may allow unauthorized ...

2.4CVSS4.8AI score0.00232EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/07/15 7:27 p.m.148 views

CVE-2025-30749

CVE-2025-30749 affects Oracle Java SE, GraalVM for JDK and GraalVM Enterprise Edition (component: 2D, with JSSE/Networking/Scripting as other components) per the provided documents. Affected Oracle Java SE versions include 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; affected GraalVM for ...

8.1CVSS7AI score0.01058EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/15 7:27 p.m.4 views

CVE-2025-30746

...

6.1CVSS7.2AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/07/15 7:27 p.m.41 views

CVE-2025-30747

CVE-2025-30747 affects Oracle PeopleSoft PeopleTools (PIA Core Technology). The vulnerability exists in PeopleSoft Enterprise PeopleTools components and impacts versions 8.60, 8.61, and 8.62. An unauthenticated attacker who can reach the service over HTTP can exploit this issue to access data rea...

4.3CVSS5.3AI score0.00263EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/07/15 7:27 p.m.20 views

CVE-2025-30745

Oracle E-Business Suite: Oracle MES for Process Manufacturing (Device Integration) is affected in versions 12.2.12–12.2.13 by a cross-site request forgery vulnerability (CSRF). The issue is exploitable remotely over HTTP; exploitation requires interaction from a user other than the attacker. Succ...

6.1CVSS6.3AI score0.00186EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/15 7:27 p.m.8 views

CVE-2025-30747

...

4.3CVSS0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/15 7:27 p.m.6 views

CVE-2025-30746

...

6.1CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/15 7:27 p.m.4 views

CVE-2025-30744

...

8.1CVSS7.6AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/15 7:25 p.m.9 views

CVE-2025-30739

...

5.5CVSS0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.6 views

CVE-2025-7026

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values e.g., '$DB$' or '2DB$', the function performs arbitrary...

8.2CVSS7.5AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 4:6 p.m.6 views

CVE-2025-7027

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

8.2CVSS7.4AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2025/07/12 6:0 a.m.2 views

BELL-CVE-2025-38290

Bulletin has no description...

5.5CVSS6.2AI score0.0013EPSS
Exploits0References1
OSV
OSV
added 2025/07/12 6:0 a.m.4 views

BELL-CVE-2025-38282

Bulletin has no description...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2025/07/11 9:20 p.m.7 views

CVE-2025-53636 Open OnDemand Shell App closed websocket DoS

Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service DoS to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6...

5.4CVSS6.7AI score0.00277EPSS
Exploits0References5
NVD
NVD
added 2025/07/11 4:15 p.m.7 views

CVE-2025-7028

A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...

7.8CVSS0.0019EPSS
Exploits0References4
NVD
NVD
added 2025/07/11 4:15 p.m.8 views

CVE-2025-7027

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

8.2CVSS0.00199EPSS
Exploits0References4
OSV
OSV
added 2025/07/11 6:0 a.m.11 views

BELL-CVE-2025-38343

Bulletin has no description...

5.5CVSS6.2AI score0.00145EPSS
Exploits0References1
Rows per page
Query Builder