92 matches found
CVE-2026-21940
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: User and User Group. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of...
EUVD-2019-2737
Malware in sbrugna...
CVE-2025-53031
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable vulnerability allows...
CVE-2024-21133
Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Servlet. Supported versions that are affected are 12.2.1.4.0 and 12.2.1.19.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports...
CVE-2018-11958
Insufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650,...
Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2025-011)
The version of java-11-openjdk installed on the remote host is prior to 11.0.12.0.7-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2025-011 advisory. Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to a lack of mechanisms for verifying the source, allows attackers to access confidential data.
The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit is related to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
The vulnerability of HashiCorp’s Vault and Vault Enterprise storage platforms, which stems from a lack of access control mechanisms, allows attackers to gain access to potentially confidential information.
The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms for corporate information lies in their lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to potentially confidential information...
CVE-2024-39328
Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role Config Admin could exceed their configuration privileges in a multi-partition environment and access some confidential data. Data integrity and availability is not at risk...
The vulnerability of the /usr/ucb/ps component of the Solaris operating system, which allows a hacker to access confidential information
The vulnerability of the /usr/ucb/ps component of the Solaris operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker to access confidential information...
CVE-2024-55663 XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 13.10.5 and 14.3-rc-1, in getdocument.vm; the ordering of the returned documents is defined from an unsanitized request parameter request.sort and can allow any user to inject HQL. Depending on th...
ROS-20241212-01
A vulnerability in the pcre2jitcompile.c function of the PCRE2 regular expression library is related to reading beyond data buffer boundaries. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data and also to access the data...
The vulnerability of the software for managing software product licenses in HPE AutoPass License Server arises from incorrect restrictions on XML links to external objects. This allows a perpetrator to access confidential information.
The vulnerability of the software for managing HPE AutoPass License Server product licenses is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow an attacker to access confidential information...
The vulnerability of the NTB component in the Linux operating system’s kernel allows a hacker to gain access to confidential information.
The vulnerability of the NTB component in the Linux operating system’s kernel is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain access to confidential information...
The vulnerability of the web server used by the monitoring and network traffic analysis software in SINEC Traffic Analyzer allows a hacker to access confidential information.
The vulnerability of the web server of the monitoring and network traffic analysis software in industrial networks, SINEC Traffic Analyzer, is related to improper security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to gain access to confidential...
The vulnerability of the WebRTC component in Google Chrome browsers, related to writing beyond the buffer limit, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the WebRTC component in the Google Chrome web browser is related to memory corruption beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access sensitive data, compromise its integrity, and cause service interruptions...
ROS-20240927-05
A vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to a race condition in concurrent access to a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...
The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the ps-pdf.cxx component of the HTMLDOC document conversion tool is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...
PT-2024-8614 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle (affected versions not specified). Description: A flaw was found in Moodle related to local file inclusion when restoring incorrect block backups. This issue may allow a remote attacker to access confidential data. The estimated number of...
Huawei HarmonyOS security vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel. Huawei EMUI is an Android-based operating system developed by Huawei. Huawei HarmonyOS and EMUI are vulnerable to an access...