950664 matches found
CVE-2026-10836
Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted requests. A successful exploit could result in the generation of manipulated links or responses, potentially leading to limited information disclosure or compromising...
CVE-2025-59872
HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system command...
CVE-2025-48640
In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-37701
A remote attacker can inject LDAP special characters into the Distinguished Name DN construction in DefaultLdapRealm class. User-supplied username input is directly concatenated into the LDAP DN template without any escaping of RFC 2253 special characters. This allows an attacker to manipulate th...
CVE-2026-10836
The CVE-2026-10836 entry concerns a vulnerability in Password Manager where improper neutralization of HTTP headers allows an attacker to manipulate the Host header via crafted requests. This can lead to generation of manipulated links or responses and potentially cause limited information disclo...
CVE-2026-46978
Vulnerability in the Oracle Solaris product of Oracle Systems component: Remote Administration Daemon. The supported version that is affected is 11.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Solaris. While the vulnerabili...
CVE-2026-46949
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2026-46920
Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM component: Siebel Cloud Manager. Supported versions that are affected are 17.0-26.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud...
CVE-2026-46893
Vulnerability in the JD Edwards EnterpriseOne General Ledger product of Oracle JD Edwards component: E1 Foundation. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise JD Edwards EnterpriseOne...
CVE-2026-46897
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2026-46894
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite component: Home Page. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle iSupplier Portal...
CVE-2026-46891
Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product of Oracle JD Edwards component: Accounts Payable. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
CVE-2026-46870
Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell for VS Code. The supported version that is affected is 2026.2.0+9.6.1. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Shell. While the...
CVE-2026-46859
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: Security. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this...
CVE-2026-46846
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2026-46806
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle WebCenter Content...
CVE-2026-46800
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2026-46801
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2026-46802
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2026-46791
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content...