Latest CVE Feed
-
5.9
MEDIUMCVE-2024-2310
The WP Google Review Slider WordPress plugin before 13.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is dis... Read more
Affected Products : wp_google_review_slider- Published: Apr. 26, 2024
- Modified: May. 08, 2025
-
8.8
HIGHCVE-2024-1059
Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)... Read more
- EPSS Score: %0.42
- Published: Jan. 30, 2024
- Modified: May. 08, 2025
-
6.1
MEDIUMCVE-2022-26954
Multiple open redirect vulnerabilities in NopCommerce 4.10 through 4.50.1 allow remote attackers to conduct phishing attacks by redirecting users to attacker-controlled web sites via the returnUrl parameter, processed by the (1) ChangePassword function, (... Read more
Affected Products : nopcommerce- EPSS Score: %0.12
- Published: Oct. 20, 2022
- Modified: May. 08, 2025
-
5.4
MEDIUMCVE-2021-33231
Cross Site Scripting (XSS) vulnerability in New equipment page in EasyVista Service Manager 2018.1.181.1 allows remote attackers to run arbitrary code via the notes field.... Read more
Affected Products : service_manager- EPSS Score: %0.16
- Published: Oct. 20, 2022
- Modified: May. 08, 2025
-
6.8
MEDIUMCVE-2020-9285
Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.... Read more
- EPSS Score: %0.04
- Published: Oct. 20, 2022
- Modified: May. 08, 2025
-
7.8
HIGHCVE-2020-12744
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.... Read more
Affected Products : desktop_and_process_analytics- EPSS Score: %0.03
- Published: Oct. 20, 2022
- Modified: May. 08, 2025
-
7.8
HIGHCVE-2024-49561
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation o... Read more
Affected Products : smartfabric_os10- Published: Mar. 17, 2025
- Modified: May. 08, 2025
- Vuln Type: Authorization
-
6.1
MEDIUMCVE-2017-10082
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access ... Read more
Affected Products : agile_product_lifecycle_management_framework agile_plm agile_product_lifecycle_management- EPSS Score: %0.46
- Published: Aug. 08, 2017
- Modified: May. 08, 2025
-
5.8
MEDIUMCVE-2016-3529
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3526 and CVE-2016-3560.... Read more
- EPSS Score: %0.38
- Published: Jul. 21, 2016
- Modified: May. 08, 2025
-
5.5
MEDIUMCVE-2016-3553
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality and integrity via vectors related to PC Core.... Read more
- EPSS Score: %0.24
- Published: Jul. 21, 2016
- Modified: May. 08, 2025
-
5.3
MEDIUMCVE-2016-3560
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3526 and CVE-2016-3529.... Read more
- EPSS Score: %0.51
- Published: Jul. 21, 2016
- Modified: May. 08, 2025
-
5.9
MEDIUMCVE-2016-5527
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5524.... Read more
- EPSS Score: %0.33
- Published: Oct. 25, 2016
- Modified: May. 08, 2025
-
4.3
MEDIUMCVE-2017-10299
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access v... Read more
Affected Products : agile_product_lifecycle_management_framework agile_plm agile_product_lifecycle_management- EPSS Score: %0.21
- Published: Oct. 19, 2017
- Modified: May. 08, 2025
-
7.5
HIGHCVE-2016-3530
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors related to PGC / Import.... Read more
- EPSS Score: %0.75
- Published: Jul. 21, 2016
- Modified: May. 08, 2025
-
6.1
MEDIUMCVE-2017-10092
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access ... Read more
Affected Products : agile_product_lifecycle_management_framework agile_plm agile_product_lifecycle_management- EPSS Score: %0.46
- Published: Aug. 08, 2017
- Modified: May. 08, 2025
-
9.0
HIGHCVE-2016-3554
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to PC / BOM, MCAD, and Design.... Read more
- EPSS Score: %1.45
- Published: Jul. 21, 2016
- Modified: May. 08, 2025
-
7.5
HIGHCVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build fro... Read more
Affected Products : peoplesoft_enterprise_peopletools agile_engineering_data_management siebel_ui_framework agile_product_lifecycle_management_framework peoplesoft_enterprise_human_capital_management_human_resources primavera_unifier application_testing_suite hospitality_guest_access retail_xstore_point_of_service tuxedo +28 more products- EPSS Score: %90.74
- Published: May. 01, 2019
- Modified: May. 08, 2025
-
6.1
MEDIUMCVE-2018-8032
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.... Read more
Affected Products : debian_linux peoplesoft_enterprise_peopletools agile_engineering_data_management siebel_ui_framework agile_product_lifecycle_management_framework peoplesoft_enterprise_human_capital_management_human_resources primavera_unifier application_testing_suite hospitality_guest_access retail_xstore_point_of_service +29 more products- EPSS Score: %2.34
- Published: Aug. 02, 2018
- Modified: May. 08, 2025
-
6.4
MEDIUMCVE-2016-3431
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect confidentiality and integrity via vectors related to Security, a different vul... Read more
- EPSS Score: %0.14
- Published: Apr. 21, 2016
- Modified: May. 08, 2025
-
6.8
MEDIUMCVE-2016-3537
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Folders / Attachment, a different vulnerability than ... Read more
- EPSS Score: %0.32
- Published: Jul. 21, 2016
- Modified: May. 08, 2025