cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-35650,https://securityvulnerability.io/vulnerability/CVE-2021-35650,Vulnerability in Oracle Secure Global Desktop Affects Oracle Virtualization,"A vulnerability exists in Oracle Secure Global Desktop within Oracle Virtualization that allows low privileged attackers with network access through various protocols to compromise the system. Successful exploitation requires human interaction from a user outside of the attacker's control. This vulnerability can lead to unauthorized access to certain data and may permit a partial denial of service, disrupting the operations of the Oracle Secure Global Desktop.",Oracle,Secure Global Desktop,4.6,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-10-20T10:51:28.000Z,0
CVE-2021-35649,https://securityvulnerability.io/vulnerability/CVE-2021-35649,Vulnerability in Oracle Secure Global Desktop by Oracle,"The vulnerability in Oracle Secure Global Desktop allows an attacker with low privileges and network access to exploit the system through various protocols. This could lead to unauthorized read access of sensitive data and cause a partial denial of service, disrupting the availability of Oracle Secure Global Desktop. Early detection and timely patching are essential to safeguard against potential exploitation.",Oracle,Secure Global Desktop,5.4,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-10-20T10:51:27.000Z,0
CVE-2021-2447,https://securityvulnerability.io/vulnerability/CVE-2021-2447,Vulnerability in Oracle Secure Global Desktop Affects Oracle Virtualization,"A vulnerability in Oracle Secure Global Desktop allows low-privileged attackers with network access to exploit the system through various protocols. This vulnerability can lead to unauthorized takeover of the Oracle Secure Global Desktop, potentially compromising confidentiality, integrity, and availability. Exploits may have broader implications on associated Oracle virtualization products, making it crucial for users to apply recommended security measures promptly.",Oracle,Secure Global Desktop,9.9,CRITICAL,0.00395999988541007,false,,false,false,false,,,false,false,,2021-07-20T22:44:55.000Z,0
CVE-2021-2446,https://securityvulnerability.io/vulnerability/CVE-2021-2446,Oracle Secure Global Desktop Vulnerability in Oracle Virtualization,"A vulnerability in Oracle Secure Global Desktop, part of Oracle's Virtualization suite, allows an unauthenticated attacker with network access to exploit the system. This issue requires user interaction for successful exploitation, which can lead to a complete takeover of the desktop environment. The ramifications extend beyond the Secure Global Desktop, potentially affecting other systems within the network.",Oracle,Secure Global Desktop,9.6,CRITICAL,0.0037499999161809683,false,,false,false,false,,,false,false,,2021-07-20T22:44:54.000Z,0
CVE-2021-2248,https://securityvulnerability.io/vulnerability/CVE-2021-2248,Unauthenticated Remote Code Execution in Oracle Secure Global Desktop,"A vulnerability exists in the Oracle Secure Global Desktop, part of the Oracle Virtualization suite, allowing an unauthenticated attacker to exploit the system over the network. This vulnerability is particularly concerning as it enables unauthorized access that could lead to complete takeover of the affected desktop, potentially impacting additional products involved in the virtualization environment. Attackers leveraging this flaw can target multiple protocols, making it easier to bypass traditional defenses. Organizations using Oracle Secure Global Desktop should implement immediate security measures to mitigate the risks associated with this vulnerability.",Oracle,Secure Global Desktop,10,CRITICAL,0.010459999553859234,false,,false,false,false,,,false,false,,2021-04-22T21:53:55.000Z,0
CVE-2021-2221,https://securityvulnerability.io/vulnerability/CVE-2021-2221,Vulnerability in Oracle Secure Global Desktop Client Affects Multiple Protocols,"A vulnerability exists in the Oracle Secure Global Desktop product, specifically in the Client component. This flaw allows an unauthenticated attacker with network access to exploit the system through various protocols. Notably, the successful exploitation of this vulnerability requires human interaction from a user other than the attacker. While the vulnerability resides within Oracle Secure Global Desktop, it can also have consequential effects on other products, potentially leading to unauthorized control of the system.",Oracle,Secure Global Desktop,9.6,CRITICAL,0.009429999627172947,false,,false,false,false,,,false,false,,2021-04-22T21:53:52.000Z,0
CVE-2021-2177,https://securityvulnerability.io/vulnerability/CVE-2021-2177,Vulnerability in Oracle Secure Global Desktop by Oracle affecting virtualization environments,"The vulnerability in Oracle Secure Global Desktop allows unauthenticated attackers to gain network access, potentially leading to a complete system compromise. This presents a significant risk as successful exploitation can impact additional interconnected products within the Oracle virtualization ecosystem, thereby expanding the attack surface. Promptly addressing this vulnerability is critical to maintaining the integrity and security of affected installations.",Oracle,Secure Global Desktop,10,CRITICAL,0.010459999553859234,false,,false,false,false,,,false,false,,2021-04-22T21:53:47.000Z,0
CVE-2018-19439,https://securityvulnerability.io/vulnerability/CVE-2018-19439,,"XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). helpwindow.jsp has reflected XSS via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle parameter.",Oracle,Secure Global Desktop,6.1,MEDIUM,0.014410000294446945,false,,false,false,false,,,false,false,,2018-12-13T19:00:00.000Z,0
CVE-2016-5580,https://securityvulnerability.io/vulnerability/CVE-2016-5580,,Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services.,Oracle,Secure Global Desktop,9.6,CRITICAL,0.0010999999940395355,false,,false,false,false,,,false,false,,2016-10-25T14:00:00.000Z,0
CVE-2016-3613,https://securityvulnerability.io/vulnerability/CVE-2016-3613,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to OpenSSL.",Oracle,Secure Global Desktop,9.8,CRITICAL,0.006949999835342169,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-0501,https://securityvulnerability.io/vulnerability/CVE-2016-0501,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.2 allows remote attackers to affect availability via vectors related to SGD Core.,Oracle,Secure Global Desktop,,,0.001560000004246831,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2014-4232,https://securityvulnerability.io/vulnerability/CVE-2014-4232,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463.",Oracle,"Virtualization,Virtualization Secure Global Desktop",,,0.00343000004068017,false,,false,false,false,,,false,false,,2014-07-17T02:36:00.000Z,0
CVE-2014-0419,https://securityvulnerability.io/vulnerability/CVE-2014-0419,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications.",Oracle,Virtualization Secure Global Desktop,,,0.010400000028312206,false,,false,false,false,,,false,false,,2014-01-15T02:50:00.000Z,0
CVE-2006-5201,https://securityvulnerability.io/vulnerability/CVE-2006-5201,,"Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.",Oracle,"Secure Global Desktop,Nss,Staroffice",,,0.007790000177919865,false,,false,false,false,,,false,false,,2006-10-10T04:06:00.000Z,0
CVE-2006-4958,https://securityvulnerability.io/vulnerability/CVE-2006-4958,,"Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available.",Oracle,Secure Global Desktop,,,0.07056000083684921,false,,false,false,false,,,false,false,,2006-09-23T10:00:00.000Z,0
CVE-2006-4959,https://securityvulnerability.io/vulnerability/CVE-2006-4959,,"Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available.",Oracle,Secure Global Desktop,,,0.010759999975562096,false,,false,false,false,,,false,false,,2006-09-23T10:00:00.000Z,0