380 matches found
CVE-2025-1139
CVE-2025-1139 affects IBM Edge Application Manager 4.5. A local user can read or modify resources due to incorrect permission assignment. Root cause: improper/incorrect permission provisioning. Impact: unauthorized access to resources on the device. Mitigation: upgrade to patched IBM Edge Applica...
IBM Edge Application Manager Security Vulnerability
IBM Edge Application Manager is an application from International Business Machines (IBM), Inc. It provides powerful solutions to address the need to deliver enterprise computing power at the edge of the cloud, closer to where the data is created and at the edge of the enterprise where action needs to...
PT-2025-34061 · Ibm · Edge Application Manager
Name of the Vulnerable Software and Affected Versions: IBM Edge Application Manager version 4.5 Description: IBM Edge Application Manager 4.5 may allow a local user to read or modify resources without proper authorization due to incorrect permission assignment. Recommendations: At the moment, the...
Linux Distros Unpatched Vulnerability : CVE-2020-2593
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231,...
CVE-2025-4394
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...
Medtronic MyCareLink Patient Monitor Security Vulnerability
Medtronic MyCareLink Patient Monitor is an open source monitoring system for remote patient monitoring from Medtronic in the United States. A security vulnerability exists in Medtronic MyCareLink Patient Monitor versions prior to 2025.6.25, which stems from the use of an unencrypted file system f...
The vulnerability of the Oracle Database Materialized View component of the Oracle Database Server allows an attacker to gain access to read, modify, or delete data.
The vulnerability of the Oracle Database Materialized View component in the Oracle Database Server management system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, or delete data...
UBUNTU-CVE-2025-53964
GoldenDict 1.5.0 and 1.5.1 have an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
The vulnerability of the AC system’s risk management plugin, along with compliance requirements and corporate governance in SAP GRC, allows a perpetrator to gain unauthorized access to read and modify data.
The vulnerability of the AC system’s risk management plugin, as well as issues related to compliance requirements and SAP GRC Governance, Risk, and Compliance corporate management, are linked to deficiencies in the authorization process. Exploiting this vulnerability could allow an attacker...
The vulnerability of the microprogramming software of Schneider Electric’s programmable logic controller Modicon M340 and its network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H lies in the insufficient protection of operational data. This allows unauthorized access by intruders to read, modify, or delete data, or to cause malfunctions in the system.
The vulnerability of the microprogramming software of Schneider Electric’s Modicon M340 programmable logic controller, as well as the network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H, is related to insufficient protection for operational data. Exploiting this vulnerability can allow an...
Siemens SCALANCE LPE9403 Security Bypass Vulnerability
Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. A security bypass vulnerability exists in the Siemens SCALANCE LPE9403, which is caused by bypassing authentication. An...
CVE-2024-21038
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2024-21042
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2023-22118
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2023-21921
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications component: Core. Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2023-23857
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...
CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
Cisco Unified Contact Center Enterprise Access Control Error Vulnerability
Cisco Unified Contact Center Enterprise is a unified contact center from Cisco USA. An access control error vulnerability exists in Cisco Unified Contact Center Enterprise that stems from a lack of proper authentication controls and could result in data being read or modified...
CVE-2025-3708
Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
Le-show Medical Practice Management System SQL Injection Vulnerability
Le-show Medical Practice Management System is an integrated management system for medical clinics by Le-show, a Chinese company. A SQL injection vulnerability exists in Le-show Medical Practice Management System V3.0.25 and prior versions, which stems from a SQL injection vulnerability that could...