PT-2026-37348

Name of the Vulnerable Software and Affected Versions Oracle OCI CLI version 3.77 Description An issue in the Oracle OCI CLI product of Oracle Open Source Projects allows an unauthenticated attacker with network access to compromise the system. This flaw enables users to perform a path traversal,...

Qualys VMDR and TotalCloud™ Now Available on Oracle Cloud Marketplace

Key Takeaways Qualys VMDR and TotalCloud are now available on the Oracle Cloud Marketplace, simplifying procurement and deployment for Oracle Cloud Infrastructure OCI customers. Organizations can deploy security faster with native OCI integration and one-click provisioning. The combined platform...

EUVD-2021-16776

Malware in sbrugna...

EUVD-2021-16777

Malware in sbrugna...

EUVD-2021-16597

Malware in sbrugna...

EUVD-2021-16778

Malware in sbrugna...

EUVD-2025-16883

Malicious code in bioql PyPI...

EUVD-2022-26727

Malicious code in bioql PyPI...

EUVD-2022-2911

Malicious code in bioql PyPI...

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

Vulnerability fixed in Cisco Identity Services Engine for cloud platforms

Cisco has fixed a vulnerability in Identity Services Engine ISE for cloud platforms. The vulnerability involves a flaw in automatic password generation when Cisco ISE is installed on a cloud platform. This causes the same passwords to be used in different ISE cloud environments. This allows an...

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...

CVE-2022-21503

Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...

CVE-2021-2320

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2021-2138

Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Cloud Infrastructure Data Science Notebook Sessions executes...

CVE-2021-2318

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2020-14874

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of th...

CVE-2019-10457

A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

Malicious code in OCI.DotNetSDK.Waf.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...