CVE-2021-2195

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Attribute Admin Setup. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

CVE-2021-2069

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

CVE-2021-2483

Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite component: Content Item Manager. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Content Manager...

CVE-2021-2434

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2021-2289

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Template, GTIN search. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-2249

Vulnerability in the Oracle Landed Cost Management product of Oracle E-Business Suite component: Shipment Workbench. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2021-2254

Vulnerability in the Oracle Project Contracts product of Oracle E-Business Suite component: Hold Management. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project Contracts...

CVE-2021-2227

Vulnerability in the Oracle Cash Management product of Oracle E-Business Suite component: Bank Account Transfer. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cash Managemen...

CVE-2021-2263

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite component: Intelligence, RFx. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Sourcing. Successful...

CVE-2021-2461

Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications component: Provision API. The supported version that is affected is 6.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2025-40836

Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges...

CVE-2022-0247

An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots. A local attacker could modify objects in the VMO that they do not have permission to. We recommend upgrading past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d or any of the listed versions...

CVE-2025-14657

CVE-2025-14657 affects the Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin for WordPress (AI Powered). The WordFence report confirms an unauthenticated bypass: missing authorization to modify settings via post_settings, allowing data modification. The issue also ...

CVE-2025-14657 Eventin – Event Manager, Event Booking, Calendar, Tickets and Registration Plugin (AI Powered) <= 4.0.51 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via 'post_settings'

The Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postsettings' function in all versions up to, and including, 4.0.51. This makes it possible for...

CVE-2025-14886

CVE-2025-14886 concerns Japanized for WooCommerce for WordPress. It is a data modification vulnerability due to missing capability check on the order REST API endpoint, affecting all versions up to and including 2.7.17. Unauthenticated attackers could mark any WooCommerce order as processed/compl...

WordPress plugin WP Table Builder – Drag & Drop Table Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-1749

Name of the Vulnerable Software and Affected Versions Eventin – Event Manager, Events Calendar, Event Tickets and Registrations plugin for WordPress versions up to and including 4.0.51 Description The Eventin plugin for WordPress is susceptible to unauthorized data modification because of a missi...

WordPress plugin Tutor LMS – eLearning and online course solution 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

mysql: mariadb: mysqldump unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

mysql: mariadb: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...