Lucene search
K

363836 matches found

NVD
NVD
•added 2026/06/17 10:40 a.m.•12 views

CVE-2026-35286

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

9.8CVSS0.00483EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•10 views

CVE-2026-35280

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware component: Client Bundle. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via T3, IIOP to compromise...

9.9CVSS0.00402EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35270

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

9.1CVSS0.00486EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35269

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager...

7.5CVSS0.00354EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•13 views

CVE-2026-35272

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterpri...

8.4CVSS0.00196EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•8 views

CVE-2026-35274

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Deployment Package. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

8.2CVSS0.00392EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35275

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Shared Folders. The supported version that is affected is 7.2.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...

7.5CVSS0.00123EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•13 views

CVE-2026-35268

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via T3, IIOP to compromise Identity Manager. While the...

9.9CVSS0.00432EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35271

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Weblogic. Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise P...

8.7CVSS0.0034EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35276

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Application Server. Supported versions that are affected are 8.61 and 8.62. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

8.1CVSS0.00436EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•12 views

CVE-2026-35261

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Authentication Engine. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.5CVSS0.00272EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•11 views

CVE-2026-35265

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager. Successfu...

8.8CVSS0.00432EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•10 views

CVE-2026-35259

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise WebLogic Server. Successful...

8.8CVSS0.00416EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35262

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware component: Market Place. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Data...

8.3CVSS0.00387EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•11 views

CVE-2026-35263

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server. While the...

9.9CVSS0.00323EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35267

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: REST WebServices. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager...

8.8CVSS0.00432EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:40 a.m.•9 views

CVE-2026-35258

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise WebLogic Server. Successful...

8.7CVSS0.00326EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 10:14 a.m.•9 views

CVE-2026-12348

Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...

7.4CVSS0.00283EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS0.00446EPSS
Exploits0References3
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-47750

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode...

7.8CVSS0.0018EPSS
Exploits1References3
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-47747

stable-diffusion.cpp is a pure C/C++ library for running diffusion model Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the BINUNICODE opcode...

7.8CVSS0.0018EPSS
Exploits1References3
NVD
NVD
•added 2026/06/16 8:16 p.m.•7 views

CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

8.5CVSS0.00272EPSS
Exploits1References3
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-12425

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting XSS. This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after the login URL and have it...

7.4CVSS0.00149EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•13 views

CVE-2026-22312

The device has a webserver that exposes a REST API authenticated with a constant token. The unauthenticated API can be used by an attacker to get access to system settings, modify the configuration and execute some commands e.g. system reboot...

8.6CVSS0.00232EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-22313

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying...

9.1CVSS0.00921EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-12117

Improper access control in the social login connection endpoint in Devolutions Server 2026.2.5 allows an authenticated vault member to enumerate social login entry metadata to which they are not authorized via a crafted API request...

4.3CVSS0.0018EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-12105

Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions...

6.5CVSS0.00201EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-11890

Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results...

4.3CVSS0.00162EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-0165

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.7CVSS0.00171EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-0157

In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS0.00169EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•16 views

CVE-2026-0162

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•9 views

CVE-2026-0161

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•12 views

CVE-2026-0158

In Camera, there is a possible unauthorized way to access photos due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.0006EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0155

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS0.00169EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-0154

In Modem, there is a possible way to trigger a modem crash during a SIP REFER request due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0164

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•13 views

CVE-2026-0160

In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-10303

In ServerCo getssl version 2.49 and prior, the ACME challenge token returned to the client was not strictly validated against RFC 8555 before being used in challenge-file handling, allowing a maliciously crafted token to influence local path/filename usage during validation. An attacker who can...

7.4CVSS0.00757EPSS
Exploits0References5
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0156

In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•11 views

CVE-2026-0145

In keymint, there is a possible Permission Bypass due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS0.00068EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•9 views

CVE-2026-0149

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00285EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•9 views

CVE-2026-0151

In IntfGraphCreate of intfgraph.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00231EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•17 views

CVE-2026-0153

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00068EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0150

In ExecuteGraph command handler of EdgeTPU firmware, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with root privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00067EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•7 views

CVE-2026-0144

In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS0.00253EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0148

In multiple functions of VideoRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00277EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•9 views

CVE-2026-0147

In mfccorenalqgetdecmetadataseinal of mfccorenalq.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00277EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•10 views

CVE-2026-0146

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00277EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•11 views

CVE-2026-0152

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS0.00071EPSS
Exploits0References1
NVD
NVD
•added 2026/06/16 8:16 p.m.•8 views

CVE-2026-0143

In lwisdeviceexternaleventemit of lwisevent.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00073EPSS
Exploits0References1
Total number of security vulnerabilities363836