CVE-2026-21789

CVE-2026-21789 affects HCL Connections and describes a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios. The CVSS 3.1 base score is 4.6 (MEDIUM) with a vector: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N, indicating network attack with low privil...

CVE-2026-21789

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

BIT-JAVA-MIN-2024-21068

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2 and 22; Oracle...

CVE-2026-34283

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: Identity Console. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Oracle PeopleSoft Enterprise HCM Shared Components 安全漏洞

Oracle PeopleSoft Enterprise HCM Shared Components is a set of common component modules for human resources systems developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise HCM Shared Components contains a security vulnerability. This vulnerability stems from issues with the...

CVE-2026-21967

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications component: Opera Servlet. Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

CVE-2026-21923

Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications component: Platform. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life...

Oracle Health Sciences Applications security vulnerabilities

Oracle Health Sciences Applications is a clinical research and development solution developed by Oracle Corporation for the healthcare industry in the United States. Version 7.0.1.0 of Oracle Life Sciences Central Designer in Oracle Health Sciences Applications contains a security vulnerability...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. There was a security vulnerability in the PeopleSoft...

Oracle Hospitality Applications security vulnerabilities

Oracle Hospitality Applications is a set of business applications, servers, and storage solutions for hotel management developed by Oracle Corporation in the United States. This product offers features such as human resources cost management and tracking of services provided throughout customers’...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise HCM Human Resources is one of...

CVE-2021-2158

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion component: Task Automation. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Management...

CVE-2021-2025

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Web General. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker wi...

CVE-2021-2182

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Shopping Cart. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...

mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can resul...

mysql: DML unspecified vulnerability (CPU Oct 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: DML unspecified vulnerability (CPU Oct 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2025-11884

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4...

CVE-2025-11884 Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4...

mysql: mariadb: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...