EUVD-2026-37786

Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger...

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

EUVD-2026-37749

A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted...

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

CVE-2026-49502

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access...

CVE-2026-35067

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

CVE-2026-32804

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2026-35065

Dell PowerFlex Manager, versions Versions, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Informatio...

CVE-2026-35067

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

EUVD-2026-37735

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

EUVD-2026-37733

Dell PowerFlex Manager, versions Versions, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Informatio...

CVE-2026-32804

This CVE concerns Dell PowerFlex Manager. Affected component: PowerFlex Manager (version(s) [Versions]). Vulnerability: Improper Authentication allowing an unauthenticated attacker with adjacent network access to potentially gain Unauthorized access. Evidence indicates a high-severity impact with...

EUVD-2026-37731

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access...

CVE-2026-49502

Dell PowerFlex Manager is reported vulnerable to an Improper Authentication issue. An unauthenticated attacker with adjacent network access could potentially cause Information disclosure, Information tampering, and Unauthorized access. CVSS v3.1 base score 7.4 (HIGH); attack vector ADJACENT; no u...

EUVD-2026-37729

Dell PowerFlex Manager, versions Versions, contains an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access...

CVE-2026-11858

Quanos SCHEMA ST4 on-premises is affected by a local privilege escalation due to insufficient authorization on the Client Update Service. The service, running as NT AUTHORITY\SYSTEM, exposes a .NET Remoting interface over a named pipe without proper access controls. A local authenticated low-priv...

CVE-2026-46911

Vulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards component: Job Costing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via JDENET to compromise JD Edwards EnterpriseOne...

CVE-2026-46849

Vulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle PeopleSoft component: Other. The supported version that is affected is 9.2.38. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...

CVE-2026-46825

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

CVE-2026-46808

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content...