CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/01/20 10:15 p.m.•2 views

CVE-2026-21931

Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX component: Brookstrut Sample App. Supported versions that are affected are 23.2.0, 23.2.1, 24.1.0, 24.2.0 and 24.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

5.4CVSS5.8AI score0.0018EPSS

6.5CVSS7.2AI score0.00251EPSS

CVE-2026-21978

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Relationship Pricing. Supported versions that are affected are 14.0.0.0.0-14.8.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

5.4CVSS7.2AI score0.00168EPSS

CVE-2026-21971

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

5.3CVSS7.1AI score0.00219EPSS

CVE-2026-21972

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successf...

ATTACKERKB•added 2026/01/20 9:56 p.m.•5 views

CVE-2026-21959

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. Successful...

4.9CVSS7.2AI score0.00307EPSS

6.5CVSS7.2AI score0.00315EPSS

CVE-2026-21960

Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite component: Java utils. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications DBA...

Positive Technologies•added 2026/01/20 12:0 a.m.•4 views

PT-2026-3684

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Push Notifications component of Oracle PeopleSoft Enterprise PeopleTools. A low-privileged attacker with network access via HTTP can compromise the system. Successfu...

5.4CVSS7.3AI score0.002EPSS

Positive Technologies•added 2026/01/20 12:0 a.m.•4 views

PT-2026-3708

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft Enterprise HCM Human Resources version 9.2 Description A flaw exists in the PeopleSoft Enterprise HCM Human Resources component, specifically within Company Dir / Org Chart Viewer and Employee Snapshot. This issue allows a...

6.1CVSS7.3AI score0.0019EPSS

CNNVD•added 2026/01/20 12:0 a.m.•4 views

Oracle Financial Services Applications security vulnerabilities

Oracle Financial Services Applications is a set of financial services software developed by Oracle Corporation in the United States. This product includes core banking, online banking, and property management functions. FLEXCUBE Investor Servicing is a comprehensive solution component that provid...

8.1CVSS7.1AI score0.00265EPSS

Exploits0References2

CNNVD•added 2026/01/20 12:0 a.m.•4 views

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...

6.1CVSS7.1AI score0.002EPSS

Exploits0References2

Positive Technologies•added 2026/01/20 12:0 a.m.•11 views

PT-2026-3701

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Integration Broker component of Oracle PeopleSoft Enterprise PeopleTools. An unauthenticated attacker with network access via HTTP can compromise the system...

6.1CVSS7.3AI score0.002EPSS

Positive Technologies•added 2026/01/20 12:0 a.m.•3 views

PT-2026-3693

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15 Description An easily exploitable issue exists in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. An unauthenticated attacker with network access via...

6.1CVSS7.3AI score0.002EPSS

OSV•added 2026/01/19 6:14 p.m.•6 views

CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIAROOT, the full database file may be externally...

8.7CVSS5.6AI score0.004EPSS

Exploits0References6

RedhatCVE•added 2026/01/09 12:19 p.m.•6 views

CVE-2018-10519

CMS Made Simple CMSMS 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the effuid value within $COOKIE$this-loginkey to equal 1, because files in the tmp/ directory are accessible through HTTP requests. NOTE: this vulnerability exists because o...

8.8CVSS7.1AI score0.01014EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 11:26 a.m.•4 views

CVE-2021-2159

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Frameworks. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...

3.5CVSS4.6AI score0.00723EPSS

RedhatCVE•added 2026/01/09 10:16 a.m.•11 views

CVE-2019-2579

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware subcomponent: Advanced UI. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites...

4.3CVSS4.9AI score0.05083EPSS

RedhatCVE•added 2026/01/09 10:16 a.m.•9 views

CVE-2019-2843

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low...

5.5CVSS5.5AI score0.00831EPSS

RedhatCVE•added 2026/01/09 10:15 a.m.•8 views

CVE-2019-2605

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware subcomponent: Web Catalog. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network...

3.4CVSS5.1AI score0.01058EPSS

RedhatCVE•added 2026/01/09 10:15 a.m.•8 views

CVE-2019-2650

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

7.5CVSS6.5AI score0.39263EPSS