Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the information system openSIS, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.

The vulnerability of the information system openSIS is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

10CVSS6.2AI score0.01723EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.5 views

The vulnerability of Airoha Technology’s TWS earphones’ BR/EDR Bluetooth chips allows intruders to circumvent existing security restrictions.

The vulnerability of Airoha Technology’s TWS earphones’ BR/EDR Bluetooth chips lies in the lack of authentication for a critical function. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions...

6.3CVSS6.2AI score0.04372EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel is related to insufficient resource control during its existence. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00163EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the MCP protocol server’s codehooks-mcp-server lies in its failure to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.

The vulnerability of the MCP protocol’s codehooks-mcp-server relates to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS6.1AI score0.01297EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the client tool library for the Sentry SDK platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the client tool library for the Sentry SDK platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the client tool library for the Sentry SDK platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the client tool library for the Sentry SDK monitoring platform is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.8AI score0.00628EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the microprogrammed wireless Wi-Fi router Tenda W30E, related to the use of the default password, allows a hacker to gain full control over the device.

The vulnerability of the microprogrammed wireless Wi-Fi routers Tenda W30E relates to the use of a default password. Exploiting this vulnerability could allow an attacker to gain full control over the device remotely...

10CVSS5.7AI score0.00371EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the Search and Discovery functions in Hikvision’s network video recorder (NVR), digital video recorder (DVR), centralized video recorder (CVR), and IP camera (IPC) software systems allows a intruder to trigger a service failure.

The vulnerability of the Search and Discovery functions in Hikvision’s network video recorder NVR, digital video recorder DVR, centralized video recorder CVR, and IP camera IPC devices is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a servi...

8.8CVSS6.3AI score0.00323EPSS
Exploits0References2Affected Software98
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of embedded Qualcomm microprogramming software, related to reading data beyond the buffer in memory, allows attackers to disclose protected information.

The vulnerability of embedded Qualcomm software lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

6.5CVSS5.9AI score0.00085EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the UPLOAD_DIR configuration and the UPLOAD_KEEP_FILENAME=True setting in the python-multipart streaming multi-component parser allows a attacker to write arbitrary files.

The vulnerability of the UPLOADDIR configuration and the UPLOADKEEPFILENAME=True setting in the Python-multipart streaming parser is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a remote attacker to write arbitrary files...

9CVSS6.5AI score0.02228EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability lies in the scripts for fetching/binary-fetcher/src/index.ts and resolving/resolver-base/src/index.ts of the package manager pnpm, allowing a hacker to write arbitrary files.

The vulnerability in the fetch/binary-fetcher/src/index.ts and resolve/resolver-base/src/index.ts scripts of the package manager pnpm is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to write arbitrary files...

7.8CVSS6AI score0.00396EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the XRDP server, related to the execution of operations beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the XRDP server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.4CVSS7.8AI score0.01318EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from insufficient protection of registration data, allowing attackers to disclose sensitive information.

The vulnerability of Git-based software platform configurations for collaborative code development on GitLab is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to expose the protected information...

2.1CVSS5.8AI score0.00212EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the templates/logging_macros.vm file on the XWiki Platform allows a hacker to execute cross-site scripting attacks.

The vulnerability of the templates/loggingmacros.vm file on the XWiki Platform involves a lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow an attacker, operating remotely, to execute cross-site scripting attacks using a specially created link...

7.5CVSS5.7AI score0.00503EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the subtitles field in the virtual learning environment Moodle allows a hacker to perform cross-site scripting attacks.

The vulnerability of the subtitles field in the virtual learning environment Moodle is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

6.4CVSS5.5AI score0.00309EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the D-Link D-View software platform for comprehensive network management lies in its lack of measures to neutralize specific elements, allowing attackers to execute arbitrary commands.

The vulnerability of the D-Link D-View software platform for comprehensive network management is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary commands...

7.8CVSS6AI score0.00141EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.7 views

The vulnerability of the D-Link D-View software platform, related to bypassing authentication using a user-controlled key, allows a intruder to gain full control over the account and system.

The vulnerability of the D-Link D-View software platform relates to the bypassing of authentication using a key controlled by the user. Exploiting this vulnerability allows an attacker, operating remotely, to gain full control over the account and the system...

9CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to memory resource exhaustion, allows a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the exhaustion of memory resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures when processing HTTP responses...

6.8CVSS5.8AI score0.00362EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the Integration Broker component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Integration Broker component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

6.4CVSS7.1AI score0.002EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS7AI score0.00316EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the Core sub-component of the Oracle Configurator component in the Oracle E-Business Suite system allows a perpetrator to gain access to data for reading purposes.

The vulnerability of the Core sub-component of the Oracle Configurator component in the Oracle E-Business Suite system relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain read access to data...

5.3CVSS7.1AI score0.00219EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the General component of the scalable framework for creating and deploying applications, which allows a malicious actor to gain unauthorized access to read, update, insert, or delete data.

The vulnerability of the General component of the scalable framework for creating and deploying applications is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, update, insert, or delete...

5.5CVSS7.1AI score0.0018EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to trigger a service failure.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

6.8CVSS7AI score0.00215EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of Airoha Technology’s Custom Protocol Bluetooth-chip-based TWS earphones allows a hacker to circumvent existing security restrictions.

The vulnerability of Airoha Technology’s Custom Protocol Bluetooth-chip TWS headphones is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions...

5.5CVSS6.1AI score0.05413EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the Linux operating system’s kernel, allowing a hacker to execute arbitrary code

The vulnerability of the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7AI score0.00162EPSS
Exploits0References5Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of Reolink WiFi IP cameras’ microprogramming software lies in the insecure storage of confidential information, allowing intruders to execute arbitrary commands.

The vulnerability of Reolink WiFi IP cameras’ microprogramming software is related to the insecure storage of confidential information. Exploiting this vulnerability could allow a intruder to execute arbitrary commands...

7.2CVSS6AI score0.00286EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.6 views

The vulnerability of the qemu-img utility of the Ironic Python Agent, which enables unauthorized access to protected information between the Ironic system and the physical hardware.

The vulnerability of the qemu-img utility of the Ironic Python Agent IPA relates to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.7AI score0.00545EPSS
Exploits0References7Affected Software6
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the system for managing internal services and automating business processes allows a perpetrator to gain access to the user account.

The vulnerability of the system for managing internal services and automating business processes is related to the lack of a password recovery mechanism. Exploiting this vulnerability could allow an attacker operating remotely to gain access to the user account...

7.4CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the user interface of the Telpo MDM device management platform, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the user interface of the Telpo MDM device management platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

6.8CVSS5.6AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Jose4j JWT library, related to improper protection of security tokens, allows a attacker to trigger a service failure.

The vulnerability of the Jose4j JWT library is related to improper protection of security tokens. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.8CVSS6.7AI score0.00244EPSS
Exploits1References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the `fs.statSync()` and `fs.readFileSync()` functions in the pnpm package manager’s script `store/cafs/src/addFilesFromDir.ts` allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the fs.statSync and fs.readFileSync functions in the pnpm package manager’s script store/cafs/src/addFilesFromDir.ts is related to an incorrect definition of references before accessing files. Exploiting this vulnerability could allow an attacker to gain unauthorized access t...

5.5CVSS5.8AI score0.00469EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability in the web interface for managing Tenda W30E micro-program software routers allows a perpetrator to gain unauthorized access to read data.

The vulnerability of the web-based management interface for Tenda W30E micro-programmed router software is related to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read data...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of Tenda W30E router microprogramming software, related to the disclosure of information through browser caching, allows attackers to gain unauthorized access to protected information.

The vulnerability of Tenda W30E router microprogramming software is related to the disclosure of information through browser caching. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

5.5CVSS5.8AI score0.00154EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

Vulnerability in the web interface for managing microprogrammed wireless router Tenda F3, which allows a hacker to intercept user sessions

The vulnerability in the web-based interface for managing microprogrammed wireless routers Tenda F3 is related to improper session management. Exploiting this vulnerability can allow an attacker to intercept a user’s session...

9CVSS5.8AI score0.00451EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the systemutil.cgi component of the Telesquare TLR-2005Ksh router software allows a intruder to gain unauthorized access to protected information.

The vulnerability of the systemutil.cgi component of the Telesquare TLR-2005Ksh microprogramming device lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00434EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the unserialize() function in the Laravel Reverb WebSocket server allows a hacker to execute arbitrary code.

The vulnerability of the unserialize function in the Laravel Reverb WebSocket server is related to defects in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

10CVSS6.1AI score0.00878EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the npm package manager lies in the incorrect path name restrictions, which allow attackers to write arbitrary files.

The vulnerability of the npm package manager is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

7.8CVSS6AI score0.00438EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the jabsorb library of the AjaxProxy service in the SolarWinds IT-infrastructure management software’s Web Help Desk allows a hacker to execute arbitrary code.

The vulnerability of the jabsorb library in the AjaxProxy service of the SolarWinds IT-infrastructure management software’s Web Help Desk is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a...

10CVSS7.9AI score0.8413EPSS
Exploits3References4
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the authentication system of the zVirt virtualization platform allows a hacker to gain unauthorized access to user’s authentication data.

The vulnerability of the authentication system of the zVirt virtualization platform relates to the redirection of URLs to unreliable websites when processing the redirecturl parameter. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

10CVSS5.8AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Privacy component: The Anti-Tracking feature of the Mozilla Firefox browser, which allows the intruder to compromise the integrity of the protected information.

The vulnerability of the Privacy component in the Mozilla Firefox browser’s Anti-Tracking feature is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to potentially compromise the integrity of the protected information...

7.8CVSS6.6AI score0.00177EPSS
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab CE/EE arises from the lack of checks for the return value. This allows attackers to increase their privileges.

The vulnerability of the Git-based software platform for collaborative code development on GitLab CE/EE is related to the lack of checking for the return value. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

7.4CVSS6.2AI score0.00832EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.2 views

The vulnerability of the PostgreSQL phpPgAdmin administration tool, an administration tool for databases, arises from the failure to take measures to neutralize special elements. This vulnerability allows attackers to execute arbitrary commands.

The vulnerability of the phpPgAdmin web administration tool for PostgreSQL is related to the failure to take measures to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

9CVSS6AI score0.00262EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.3CVSS7.6AI score0.00297EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the safe_extract() function in the ClearML machine learning platform allows a hacker to execute arbitrary code.

The vulnerability of the safeextract function in the ClearML machine learning platform is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

6.2CVSS6.5AI score0.00276EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the canonical/get-workflow-version-action component of the platform for automating GitHub Actions work processes allows a hacker to gain access to the secret GITHUB_TOKEN.

The vulnerability of the “canonical/get-workflow-version-action” component of the platform for automating GitHub Actions processes is related to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the...

8.2CVSS5.8AI score0.00589EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the software platform’s configuration based on Git for collaborative code development on GitLab allows a hacker to disclose protected information from security reports.

The vulnerability of Git-based software platform configurations for collaborative code development on GitLab is related to security mechanism errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information from security reports under certai...

4.3CVSS5.8AI score0.00278EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Product Quality Management component of the Oracle Agile Product Lifecycle Management for Process application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Product Quality Management component of the Oracle Agile Product Lifecycle Management for Process application is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker operating remotely to gain unauthorized access to protect...

6.8CVSS7AI score0.00274EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.6 views

The vulnerability of the Workflow Loader component of the Oracle Workflow system allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Workflow Loader component of the Oracle Workflow system relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

6.8CVSS7.1AI score0.00307EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.3 views

The vulnerability of the Platform component of the Oracle Life Sciences Central Designer allows a malicious individual to gain read access to data.

The vulnerability of the Platform component of the Oracle Life Sciences Central Designer software relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to gain read access to data...

5.3CVSS7.1AI score0.00219EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/30 12:0 a.m.4 views

The vulnerability of the SQLcl component of the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the SQLcl component of the Oracle Database Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

7CVSS7.1AI score0.00172EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities90709