Export limit exceeded: 346085 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346085 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346085 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21999 | 1 Oracle | 2 Database - Xml Database, Database Server | 2026-04-22 | 5.3 Medium |
| Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise XML Database. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all XML Database accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N). | ||||
| CVE-2026-21998 | 1 Oracle | 1 Mysql Server | 2026-04-22 | 4.9 Medium |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | ||||
| CVE-2026-21997 | 1 Oracle | 1 Life Sciences Empirica Signal | 2026-04-22 | 8.5 High |
| Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Life Sciences Empirica Signal. While the vulnerability is in Oracle Life Sciences Empirica Signal, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Life Sciences Empirica Signal accessible data as well as unauthorized read access to a subset of Oracle Life Sciences Empirica Signal accessible data. CVSS 3.1 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N). | ||||
| CVE-2026-0539 | 2026-04-22 | N/A | ||
| Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745. | ||||
| CVE-2014-125120 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10056 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10045 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10041 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2011-10031 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20124 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20118 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20117 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20116 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20110 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2009-20012 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2008-20003 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2008-20002 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2005-20001 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2000-5001 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2026-33558 | 1 Apache | 2 Kafka, Kafka Clients | 2026-04-22 | 5.3 Medium |
| Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information will be exposed via the requests and responses output log. The entire lists of impacted requests and responses are: * AlterConfigsRequest * AlterUserScramCredentialsRequest * ExpireDelegationTokenRequest * IncrementalAlterConfigsRequest * RenewDelegationTokenRequest * SaslAuthenticateRequest * createDelegationTokenResponse * describeDelegationTokenResponse * SaslAuthenticateResponse This issue affects Apache Kafka: from any version supported the listed API above through v3.9.1, v4.0.0. We advise the Kafka users to upgrade to v3.9.2, v4.0.1, or later to avoid this vulnerability. | ||||