CVE-2023-21916

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Web Server. Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...

CVE-2023-21973

Vulnerability in the Oracle iProcurement product of Oracle E-Business Suite component: E-Content Manager Catalog. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iProcurement...

CVE-2022-39419

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of...

CVE-2021-2066

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

CVE-2021-2240

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-2476

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Authentication. The supported version that is affected is 6.4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Transportation...

CVE-2021-35580

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2021-35595

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Business Interlink. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2025-20242

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise CCE could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this...

DEBIAN-CVE-2025-46801

Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or...

CLSA-2025-1746654460 libsoup: Fix of CVE-2024-52532

CVE-2024-52532: websocket process the frame as soon as we read data...

CVE-2025-20223

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP...

Sunnet eHRD CTMS SQL注入漏洞

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from China Sunnet Sunnet. A SQL injection vulnerability exists in Sunnet eHRD CTMS version 10.13 and prior versions, which stems from a SQL injection vulnerability that could allow a remote attacker to read...

openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

CVE-2025-30713

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager product of Oracle PeopleSoft component: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory...

CVE-2024-43067

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory...

Synology Mail Server 安全漏洞

Synology Mail Server is an email server from China-based Synology Inc. A security vulnerability exists in Synology Mail Server, which originates from the ability to bypass access restrictions to read or modify data...

The vulnerability of the Service Layer component of the SAP Business One resource management system allows a malicious actor to enhance their privileges and gain access to read, modify, and/or add data.

The vulnerability of the Service Layer component of the SAP Business One resource management system is related to improper session management. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and gain access to read, modify, and/or add data...

CVE-2024-54027

A Use of Hard-coded Cryptographic Key vulnerability CWE-321 in FortiSandbox version 4.4.6 and below, version 4.2.7 and below, version 4.0.5 and below, version 3.2.4 and below, version 3.1.5 and below, version 3.0.7 to 3.0.5 may allow a privileged attacker with super-admin profile and CLI access t...