26 matches found
Vulnerabilities in Oracle Identity Manager Connector
Oracle has identified several vulnerabilities in the Oracle Identity Manager Connector version 12.2.1.4.0. These vulnerabilities allow an attacker without authentication to perform unauthorized actions through network access via HTTPS or HTTP, such as creating, deleting, or modifying critical dat...
CVE-2026-34285
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Identity Manager...
Oracle多款产品 安全漏洞
Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is a tool used for developing and deploying Java applications for desktop, server, embedded devices, and real-time environments. Oracle GraalVM is a just-in-time compiler written in the Java...
Oracle多款产品 安全漏洞
Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...
Oracle HTTP Server 安全漏洞
Oracle HTTP Server is a web server component of Oracle’s Fusion Middleware, developed by Oracle Corporation in the United States. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of Oracle HTTP Server contain security vulnerabilities. These vulnerabilities stem from issues with Core components, which may all...
Oracle Database Server 安全漏洞
Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. Versions of Oracle Database Server from 23.4.0 to 23.26.1 have security...
EUVD-2026-5082
The Booking Calendar plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wpbcajaxWPBCFLEXTIMELINENAV function in all versions up to, and including, 10.14.13. This makes it possible for unauthenticated attackers to retrieve booking information...
Vulnerabilities fixed in Oracle Financial Services
Oracle has fixed vulnerabilities in several products, including Oracle Banking Liquidity Management, Oracle Financial Services Model Management and Oracle FLEXCUBE. The vulnerabilities in the Oracle products allow unauthenticated attackers to gain access to sensitive data and perpetrate...
CVE-2026-22788
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies,...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...
Apollo Router Core 安全漏洞
Apollo Router Core is a router core application for the Apollo community. A security vulnerability exists in Apollo Router Core versions prior to 1.61.11 and versions 2.0.0-alpha.0 through 2.8.1-rc.0, which stems from mishandling of access control commands and could lead to unauthenticated querie...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle fixed vulnerabilities in Enterprise Manager The vulnerabilities allow unauthorized attackers to gain access to sensitive data and can lead to denial-of-service DoS attacks. Specifically, the vulnerability in Oracle Enterprise Manager's Security Framework can be exploited by unauthenticated...
EUVD-2025-29146
Malicious code in bioql PyPI...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
PT-2025-36344
Name of the Vulnerable Software and Affected Versions: UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress versions through 1.2.44 Description: The UsersWP plugin for WordPress is susceptible to a time-based SQL Injection issue due to...
Linux Distros Unpatched Vulnerability : CVE-2023-21930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracl...
PT-2025-4286 · Oracle · Oracle Agile Plm Framework
Name of the Vulnerable Software and Affected Versions: Oracle Agile PLM Framework version 9.3.6 Description: The vulnerability in the Oracle Agile PLM Framework is related to weaknesses in the authorization mechanism of the Install component. This issue can be exploited by a remote attacker to...
ServiceNow Now Platform 安全漏洞
ServiceNow Now Platform is a cloud-based platform from US-based ServiceNow that uses AI and machine learning to automate and optimize work across the enterprise. ServiceNow Now Platform has a security vulnerability that stems from a blind SQL injection, which could allow an unauthenticated user t...
CVE-2024-1095
The Build & Control Block Patterns – Boost up Gutenberg Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the settingsexport function in all versions up to, and including, 1.3.5.4. This makes it possible for unauthenticated attackers to...
SUSE SLES12 Security Update : python36 (SUSE-SU-2023:3731-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3731-1 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affect...