CVE-2025-50108

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion component: Workspace. The supported version that is affected is 11.2.20.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the mysqldump component. An attacker can gain unauthorized access to read and modify certain data by leveraging network access and requiring interaction from another user. Remediation A fix was pushed into the...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, supplier relationship management, and other capabilities.PeopleSoft Enterprise PeopleTools is one of the tools and...

CVE-2025-5040

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

The vulnerability of the Calendar Storage module in the EMUI operating system of HarmonyOS allows a hacker to gain access to and modify data.

The vulnerability of the Calendar Storage module in the EMUI operating system of HarmonyOS is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to read and modify data...

The vulnerability of the Page and Field Configuration components of the Business Process Management tool in PeopleSoft Enterprise CC Common Application Objects of the Oracle PeopleSoft Products allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Page and Field Configuration components in the PeopleSoft Enterprise CC Common Application Objects business process management tool from the Oracle PeopleSoft Products family is related to deficiencies in access control. Exploiting this vulnerability could allow an attack...

The vulnerability of the AC system’s risk management plugin, along with compliance requirements and corporate governance in SAP GRC, allows a perpetrator to gain unauthorized access to read and modify data.

The vulnerability of the AC system’s risk management plugin, as well as issues related to compliance requirements and SAP GRC Governance, Risk, and Compliance corporate management, are linked to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker...

CVE-2025-27207

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized re...

AMD Versal Adaptive SoC 安全漏洞

AMD Versal Adaptive SoC is a chip from Ultra Micro Semiconductor AMD. A security vulnerability exists in AMD Versal Adaptive SoC that stems from an SSS misconfiguration that could result in data being incorrectly written and read...

CVE-2024-50406

A cross-site scripting XSS vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version:...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to read, update, add, and delete data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to access control errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, update, add, and delete data using the HTTP protocol...

CVE-2024-20991

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful...

CVE-2024-21042

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2024-21180

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: OpenSearch Dashboards. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2023-21924

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2023-22020

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2023-22118

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via...

CVE-2023-22037

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: MS Excel Specific. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

CVE-2023-22051

Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: GraalVM Compiler. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit...

CVE-2023-22061

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Visual Analyzer. The supported version that is affected is 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...