314 matches found
openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...
CVE-2026-21938
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2026-21951
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
EUVD-2026-3584
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...
EUVD-2026-3566
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...
EUVD-2026-3571
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2026-21951
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...
CVE-2026-21925
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...
CVE-2026-21933
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...
PT-2026-3675
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf Oracle Java SE version 11.0.29 Oracle Java SE version 17.0.17 Oracle Java SE version 21.0.9 Oracle Java SE version 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM...
Oracle PeopleSoft security vulnerabilities
Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
A potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the drive...
CVE-2025-13453
CVE-2025-13453 concerns ThinkPlus USB drives where a user with physical access could read data stored on the drive. The NVD entry and multiple third-party sources (Red Hat, EUVD, CIRCL, CVE records) describe the issue as a data-retrieval risk tied to physical access, with CVSS v3.1 base score 4.6...
CVE-2026-22788
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies,...
CVE-2021-2110
Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications component: Letters. The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the...
AZL-73325 CVE-2025-68131 affecting package python-cbor2 5.6.5-2
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...
Qnap QTS and QuTS hero Server-Side Request Forgery(CVE-2024-53696)
A server-side request forgery SSRF vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center...
CVE-2025-13837 Out-of-memory when loading Plist
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...