CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

CVE-2026-2094

CVE-2026-2094 concerns Docpedia (Flowring) with a SQL Injection flaw. The described impact: authenticated remote attackers can inject arbitrary SQL to read, modify, and delete database contents. The connected sources (NVD/Red Hat/CVE listing and other feeds) reiterate the same description; no con...

CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

CVE-2025-12063

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

CVE-2025-12063

Technical details (affected products, versions, root cause, or fixes) are not publicly available in the provided documents. Monitor for updates from vendors and threat intel feeds.

CVE-2026-24319

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high...

PT-2026-7233

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions...

PT-2026-6737

Name of the Vulnerable Software and Affected Versions html5 snmp version 1.11 Description The software contains multiple SQL injection flaws that allow manipulation of database queries. Attackers can leverage the Router ID and Router IP parameters to exploit error-based, time-based, and union-bas...

CVE-2025-15080

CVE-2025-15080 affects Mitsubishi Electric MELSEC iQ-R Series (R08PCPU, R16PCPU, R32PCPU, R120PCPU). The vulnerability stems from improper validation of a specified quantity in input within the proprietary protocol/SLMP communications, enabling an unauthenticated attacker to read device data or p...

CVE-2026-21923

Vulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications component: Platform. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life...

CVE-2026-21946

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

EUVD-2026-3551

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Company Dir / Org Chart Viewer, Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2026-21971

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

CVE-2026-21966

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications component: Opera. Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2026-21943

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

CVE-2026-21938

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2026-21938

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2026-21931

Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX component: Brookstrut Sample App. Supported versions that are affected are 23.2.0, 23.2.1, 24.1.0, 24.2.0 and 24.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...