CVE-2011-4169

Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2010-2707

Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors...

CVE-2025-20242

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise CCE could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this...

CVE-2025-20223

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP...

CVE-2025-3708

Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

CVE-2025-30713

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager product of Oracle PeopleSoft component: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

UBUNTU-CVE-2025-30698

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

Synology Mail Server 安全漏洞

Synology Mail Server is an email server from China-based Synology Inc. A security vulnerability exists in Synology Mail Server, which originates from the ability to bypass access restrictions to read or modify data...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper API access control mechanisms. An attacker can modify data type information that should be restricted by exploiting the insufficient security restrictions applied to low-privilege user accounts...

SAP Business One 授权问题漏洞

SAP Business One is a suite of business management software from the German company SAP. The software includes functionality for financial management, operations management, and human resource management. SAP Business One suffers from an authorization issue vulnerability that stems from improper...

CVE-2024-50405

An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We have already fixed the...

mysql: mysqldump unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2025-1389

Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

CVE-2024-22059

A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote authenticated user to read/modify/delete information in the underlying database. This may also lead to DoS...

CVE-2025-21542

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications component: Security. Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...

CVE-2025-21507

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

CVE-2025-0585

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

SAP NetWeaver AS 代码问题漏洞

SAP NetWeaver AS is an SAP web application server from SAP, Germany. It not only provides web services, but is also the basic platform for SAP software. A code issue vulnerability exists in SAP NetWeaver AS, which stems from susceptibility to a stored cross-site scripting attack that allows an...