Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub

Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.3.1 Patch 3 Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected...

CVE-2021-2289

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Template, GTIN search. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub

Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.2.2 Vulnerability Details CVEID:CVE-2025-56200 DESCRIPTION: A URL validation bypass vulnerability exists in validator.js through version 13.15.15. The isURL function uses '://' as a delimiter to parse protocols, whi...

Oracle E-Business Suite (October 2025 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are...

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in Oracle E-Business Suite Specifically for versions 12.2.3 to 12.2.14. The vulnerabilities are in several components of Oracle E-Business Suite, including iStore, Product Hub, Workflow, Applications Manager, and Marketing. These vulnerabilities allow...

CVE-2025-53043

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

CVE-2025-53043

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

CVE-2025-53043

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

EUVD-2025-35291

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Product Hub versions 12.2.3...

EUVD-2024-18966

Malicious code in bioql PyPI...

Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities

Summary IBM Data Product Hub has a dependency on IBM WebSphere Application Server Liberty, which is vulnerable. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability i...

Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities

Summary IBM Data Product Hub has dependencies on IBM Semeru and Node.js Axios & Babel runtime modules, which are vulnerable. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing...

Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities

Summary IBM Data Product Hub has a dependencies on IBM WebSphere Application Server Liberty and Node.js DOMPurify module, which are vulnerable. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details CVEID:CVE-2025-26791 DESCRIPTION: DOMPurify...

Security Bulletin: IBM Data Product Hub is vulnerable with IBM Semeru Runtime Quarterly CPU - Jul 2024 (CVE-2024-21131, CVE-2024-21144)

Summary IBM Data Product Hub has a dependency on IBM Semeru Runtime which is vulnerable CVE-2024-21131, CVE-2024-21144. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-21144 DESCRIPTION: An unspecified vulnerability in Java SE...

Security Bulletin: IBM Data Product Hub uses Node.js axios & elliptic modules which are vulnerable (CVE-2024-39338, CVE-2024-42459, CVE-2024-42460, CVE-2024-42461)

Summary IBM Data Product Hub has dependencies on Node.js axios & elliptic modules which are vulnerable CVE-2024-39338, CVE-2024-42459, CVE-2024-42460, CVE-2024-42461. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details CVEID:CVE-2024-42461...

Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities

Summary IBM Data Product Hub has a dependencies on IBM WebSphere Application Server Liberty, IBM Semeru Runtime, and Node.js elliptic & path-to-regexp modules, which are vulnerable. This bulletin contains information regarding the vulnerabilities and their fixture. Vulnerability Details...

The vulnerability of the Item Catalog component of the Oracle Product Hub data management software in the Oracle E-Business Suite system, which allows a malicious individual to access, modify, add, or delete data.

The vulnerability of the Item Catalog component in the Oracle Data Management Software, part of the Oracle Product Hub system, which is used in the Oracle E-Business Suite for enterprise automation, is related to deficiencies in the authentication process. Exploiting this vulnerability could allo...

CVE-2024-21252

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...

CVE-2024-21252

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...