CVE-2026-34307

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

PT-2026-34093

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

JLSEC-2026-4 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C

nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK...

CVE-2026-28492 File Browser: Path Traversal in Public Share Links Exposes Files Outside Shared Directory

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...

MiracleLinux 7 : firefox-60.1.0-5.0.1.el7 (AXSA:2018-3259:05)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3259:05 advisory. Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 Mozilla: Buffer overflow using computed size o...

Advisory ROSA-SA-2025-3094

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-34.0.2.rv3.2 CVE-ID: CVE-2022-32221 BDU-ID: 2022-07403 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the cURL command line utility is related to a logical error in the reused descriptor when processing subsequent...

Siemens SIMATIC S7-1500 Allocation of Resources Without Limits or Throttling (CVE-2024-28182)

nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK...

Malicious code in baso61 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7566b3aadc552a2e2f7b2c3608662f5571c2d20dcfdc0456e147de2f9091a5e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in alvira-61 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f45f2401b3d0887f2a7976a5448e7583d6668ad6185572a3979890c9e5f07e4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-53050

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2025-35259

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTool...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, supplier relationship management, and other capabilities.PeopleSoft Enterprise PeopleTools is one of the tools and...

CVE-2025-58014 WordPress Quiz Maker Plugin <= 6.7.0.64 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through = 6.7.0.64...

CVE-2025-57797

Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command...

Linux Distros Unpatched Vulnerability : CVE-2018-12376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort th...

SUSE-SU-2025:02604-1 Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: - CVE-2024-56664: bpf, sockmap: Fix race between element replace and close bsc1235250. - CVE-2025-37797: netsched: hfsc: Fix a UAF vulnerability in class handling bsc1245793. -...

CVE-2024-21065

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2024-21180

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: OpenSearch Dashboards. Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2019-19041

An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. They do not correctly verify the integrity of an upgrade package before processing it. As a result, official upgrade packages can be modified to inject an arbitrary Bash script that will be executed by...