CVE-2026-35244

Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.24.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-38699

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

PT-2026-38711

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

BIT-JAVA-MIN-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

Sunnet CTMS SQL注入漏洞

Sunnet CTMS is an enterprise training software developed by Sunnet Corporation in China. Sunnet CTMS has a SQL injection vulnerability, which allows a remote attacker to inject arbitrary SQL commands to read, modify, and delete database content...

PT-2026-34145

Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications component: App Server. Supported versions that are affected are 7.0.1.0 and 7.0.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life...

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

PT-2026-3727

Name of the Vulnerable Software and Affected Versions Oracle Life Sciences Central Coding version 7.0.1.0 Description An easily exploitable issue exists in the Oracle Life Sciences Central Coding product, specifically within the Platform component. An unauthenticated attacker with network access...

CVE-2021-2375

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.5.3 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

CVE-2021-2106

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2025-53065

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2025-35269

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2025-42958

Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a high impact on the...

The vulnerability of the AC system’s risk management plugin, along with compliance requirements and corporate governance in SAP GRC, allows a perpetrator to gain unauthorized access to read and modify data.

The vulnerability of the AC system’s risk management plugin, as well as issues related to compliance requirements and SAP GRC Governance, Risk, and Compliance corporate management, are linked to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker...

CVE-2024-21042

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2023-22118

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via...

Cisco Unified Contact Center Enterprise 访问控制错误漏洞

Cisco Unified Contact Center Enterprise is a unified contact center from Cisco USA. An access control error vulnerability exists in Cisco Unified Contact Center Enterprise that stems from a lack of proper authentication controls and could result in data being read or modified...

PT-2024-10266 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to a vulnerability in the Web Runtime SEC component of JD Edwards EnterpriseOne Tools, which can be easily exploited. This vulnerability allows an...

The vulnerability of NVIDIA ConnectX network cards’ microprogramming software and NVIDIA BlueField data processing processor microprogramming software, related to access control deficiencies, allows attackers to gain unauthorized access to read and modify data, or cause service failures.

The vulnerability of NVIDIA ConnectX network cards’ microprogramming software and NVIDIA BlueField data processing processor microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access t...

The vulnerability of the SAP NetWeaver AS ABAP software integration platform, related to deficiencies in access control, allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the SAP NetWeaver AS ABAP software integration platform is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain read, modify, or delete access to data by injecting CSS code or loading a specially created malicious page...