19 matches found
CVE-2026-46875
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Deployment Library. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...
CVE-2026-46857
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Oracle Management Service. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
PT-2026-49960
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Metadata Plugin component of the Oracle Enterprise Manager Base Platform. A low privileged attacker wi...
PT-2026-49965
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Oracle Management Service component of the Oracle Enterprise Manager Base Platform. This flaw allows a...
PT-2026-49962
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Base Platform version 13.5 Oracle Enterprise Manager Base Platform version 24.1 Description An issue exists in the Target Management component of the Oracle Enterprise Manager Base Platform. A low privileged attacker...
PT-2026-49950
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...
PT-2026-33102
Name of the Vulnerable Software and Affected Versions xwayland versions prior to 24.1.9-2.1 xorg-x11-server versions prior to 21.1.21-5.1 Description Security issues were identified in xwayland and xorg-x11-server. Recommendations Update xwayland to version 24.1.9-2.1. Update xorg-x11-server to...
Juniper Networks Paragon Automation security vulnerabilities
Juniper Networks Paragon Automation is an automation and operations platform provided by the American company Juniper Networks. Versions of Juniper Networks Paragon Automation prior to 24.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of appropriate...
CVE-2025-14596 Quartus Prime Pro Edition Installer Advisory
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer SFX on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1...
WordPress plugin Gmedia Photo Gallery 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
TencentOS Server 4: java-11-konajdk (TSSA-2024:1018)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1018 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2025-3930 Lack of JWT Expiration after Log Out in Strapi
Strapi uses JSON Web Tokens JWT for authentication. After logout or account deactivation, the JWT is not invalidated, which allows an attacker who has stolen or intercepted the token to freely reuse it until its expiration date which is set to 30 days by default, but can be changed. The existence...
EUVD-2025-33366
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59974 Junos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the application, which are then stored and executed in the context of other users' browsers when they access...
PT-2025-41433
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue exists in Juniper Networks Junos Space. An attacker can inject script tags in the CLI...
USN-7528-1 sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled the concatws function. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 24.04 LTS, and Ubuntu 24.10. CVE-2025-29087, CVE-2025-3277 It w...
PT-2024-16015
Name of the Vulnerable Software and Affected Versions CodeChecker versions through 6.24.1 Description Authentication bypass occurs when the API URL ends with Authentication, allowing superuser access to all API endpoints other than /Authentication. These endpoints include the ability to add, edit...
PT-2024-7023 · Intel · Intel Quartus Prime Pro Edition Design
Name of the Vulnerable Software and Affected Versions: IntelR QuartusR Prime Pro Edition Design Software versions prior to 24.1 Description: The issue is related to an uncontrolled search path in the IntelR QuartusR Prime Pro Edition Design Software. This may allow an authenticated user to...
BeyondTrust Privilege Management Security Vulnerability
BeyondTrust Privilege Management is the BeyondTrust Privilege Management tool for Windows and Mac SaaS from BeyondTrust USA. A security vulnerability exists in BeyondTrust Privilege Management for Windows versions prior to 24.1. An attacker could exploit the vulnerability to view Sysvol...