CVE-2026-46932

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-46897

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

PT-2026-50004

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 Oracle Enterprise Command Center Framework versions V16 Description An issue in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with...

PT-2026-49885

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Web Server Plugin. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Acces...

CVE-2026-35250

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle V...

CVE-2026-34277

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2026-34302

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. While the...

CVE-2026-46843

Vulnerability in Oracle REST Data Services component: Core. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of this vulnerability can...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to April 2026 CPU

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in April 2026. These issues are also addressed by WebSphere Application Server shipped with WebSphere...

Oracle REST Data Services 安全漏洞

Oracle REST Data Services is a middleware tool provided by Oracle Corporation in the United States, which exposes features of the Oracle database to applications through RESTful APIs. Versions 24.2.0 to 26.1.0 of Oracle REST Data Services contain security vulnerabilities. These vulnerabilities st...

Security Bulletin: IBM Rational® Application Developer for WebSphere® Software is vulnerable to a remote attack to take over Java SE

Summary IBM® SDK, Java™ Technology Edition, is used by IBM Rational® Application Developer for WebSphere® Software as the runtime and development kit. CVE-2025-50106 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with netwo...

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues CVE-2026-1188: eclipse: ensure room for separator in omrsysinfogetprocessorfeaturestring bsc1265261. CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows an unauthenticat...

Astra Linux - уязвимость в openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: ImageIO. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable vulnerabili...

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle April 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017738 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.20 and prior. Easily exploitable...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017711 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior...

openSUSE 16 Security Update : java-17-openjdk (openSUSE-SU-2026:20680-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20680-1 advisory. Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to...