Lucene search

1464 matches found

OSV
added 2026/02/10 4:16 a.m., 2 views

CVE-2026-23681

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

CVSS 4.3 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 2
CVE
added 2026/02/10 3:4 a.m., 7 views

CVE-2026-24322

CVE-2026-24322 affects the SAP Solution Tools Plug-In (ST-PI). A function module does not perform required authorization checks for authenticated users, enabling disclosure of sensitive information. Impact is confined to confidentiality (high) per the provided metrics (CVSS 3.1: base 7.7, HIGH). ...

CVSS 7.7 | AI score 5.4 | EPSS 0.00044
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2026/02/10 3:4 a.m., 25 views

CVE-2026-24322 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing sensitive information to be disclosed. This vulnerability has a high impact on confidentiality and does not affect integrity or availability...

CVSS 7.7 | EPSS 0.00044
Exploits: 0 | References: 2
Vulnrichment
added 2026/02/10 3:2 a.m., 1 views

CVE-2026-23681 Missing Authorization check in a function module in SAP Support Tools Plug-In

Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...

CVSS 4.3 | AI score 5.5 | EPSS 0.0004
Exploits: 0 | References: 2
CVE
added 2026/02/10 3:2 a.m., 8 views

CVE-2026-23681

CVE-2026-23681 affects SAP Support Tools Plug-In where a missing authorization check in a function module allows an authenticated attacker to invoke certain function modules and retrieve system and configuration information. The vulnerability risks only low confidentiality impact for the applicat...

CVSS 4.3 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 2 | Affected Software: 1
VulnCheck KEV
added 2026/02/10 12:0 a.m., 2 views

VulnCheck KEV: CVE-2026-21962

Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0...

CVSS 10 | AI score 7.3 | EPSS 0.00026
In wild | Exploits: 4 | References: 3
Positive Technologies
added 2026/02/10 12:0 a.m., 3 views

PT-2026-7221

Name of the Vulnerable Software and Affected Versions: SAP Solution Tools Plug-In, affected versions not specified. Description: The SAP Solution Tools Plug-In ST-PI includes a function module lacking proper authorization checks for authenticated users, potentially leading to the disclosure of...

CVSS 7.7 | AI score 5.4 | EPSS 0.00044
Exploits: 0 | References: 6
CNNVD
added 2026/02/10 12:0 a.m., 4 views

SAP Solution Tools Plug-In security vulnerability

SAP Solution Tools Plug-In is a basic component plugin developed by the German company SAP. The SAP Solution Tools Plug-In contains a security vulnerability; this vulnerability stems from the lack of necessary authorization checks, which may lead to the disclosure of sensitive information...

CVSS 7.7 | AI score 5.8 | EPSS 0.00044
Exploits: 0 | References: 2
GithubExploit
added 2026/02/09 11:43 p.m., 137 views

Exploit for Improper Access Control in Oracle Http_Server

CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Criti...

CVSS 10 | AI score 5.6 | EPSS 0.00026
Exploits: 4
Imperva Blog
added 2026/01/26 7:28 p.m., 18 views

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

What Is CVE-2026-21962? CVE-2026-21962 is a critical CVSS 10.0 vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP access can exploit this flaw by sending crafted requests to the affected pro...

CVSS 10 | AI score 6 | EPSS 0.00026
Exploits: 4
Tenable Nessus
added 2026/01/26 12:0 a.m., 13 views

Oracle HTTP Server (January 2026 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy...

CVSS 10 | AI score 7.1 | EPSS 0.01777
Exploits: 7 | References: 11
Tenable Nessus
added 2026/01/26 12:0 a.m., 9 views

Oracle HTTP Server (January 2026 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy...

CVSS 10 | AI score 7.1 | EPSS 0.01777
Exploits: 6 | References: 11
OSV
added 2026/01/23 12:23 p.m., 2 views

OESA-2026-1208 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

CVSS 7.8 | AI score 6.9 | EPSS 0.001
Exploits: 1 | References: 4
Saint
added 2026/01/23 12:0 a.m., 98 views

Oracle HTTP Server and Weblogic Proxy Plug-in vulnerability

Added: 01/23/2026. Background: Oracle HTTP Server is the web server component for Oracle Fusion Middleware. Problem: A vulnerability in Oracle HTTP Server and Weblogic Proxy Plug-in could allow a remote attacker to execute arbitrary commands by requesting a specially crafted path which allows...

AI score 6.3
Exploits: 0
Saint
added 2026/01/23 12:0 a.m., 88 views

Oracle HTTP Server and Weblogic Proxy Plug-in vulnerability

Added: 01/23/2026. Background: Oracle HTTP Server is the web server component for Oracle Fusion Middleware. Problem: A vulnerability in Oracle HTTP Server and Weblogic Proxy Plug-in could allow a remote attacker to execute arbitrary commands by requesting a specially crafted path which allows...

AI score 6.2
Exploits: 0
GithubExploit
added 2026/01/22 3:59 a.m., 342 views

Exploit for CVE-2026-21962

🖥️ Preview...

CVSS 10 | AI score 5.5 | EPSS 0.00026
Exploits: 4
RedhatCVE
added 2026/01/21 10:24 p.m., 12 views

CVE-2026-21962

Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0...

CVSS 10 | AI score 5.5 | EPSS 0.00026
Exploits: 4 | References: 1
OSV
added 2026/01/20 10:15 p.m., 2 views

CVE-2026-21962

Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0...

CVSS 10 | AI score 5.8 | EPSS 0.00026
Exploits: 4 | References: 4
CNNVD
added 2026/01/20 12:0 a.m., 3 views

Oracle Fusion Middleware security vulnerabilities

Oracle Fusion Middleware is a business innovation platform developed by Oracle Corporation for enterprise and cloud environments. This platform provides middleware, software collections, and other functions. WebLogic Server is an application server component suitable for both cloud and traditiona...

CVSS 10 | AI score 7.4 | EPSS 0.00026
Exploits: 4 | References: 3
Positive Technologies
added 2026/01/20 12:0 a.m., 10 views

PT-2026-3709

Name of the Vulnerable Software and Affected Versions: Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in for Apache HTTP Server, and Oracle Weblogic Server Proxy Plug-in for IIS versions 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 are affected. Description: An easily exploitable vulnerability...

CVSS 10 | AI score 7.7 | EPSS 0.00026
Exploits: 4 | References: 88