CVE-2026-21789

CVE-2026-21789 affects HCL Connections and describes a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios. The CVSS 3.1 base score is 4.6 (MEDIUM) with a vector: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N, indicating network attack with low privil...

CVE-2026-21789

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

Oracle PeopleSoft Enterprise HCM Shared Components 安全漏洞

Oracle PeopleSoft Enterprise HCM Shared Components is a set of common component modules for human resources systems developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise HCM Shared Components contains a security vulnerability. This vulnerability stems from issues with the...

CVE-2026-21967

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications component: Opera Servlet. Supported versions that are affected are 5.6.19.23, 5.6.25.17, 5.6.26.10 and 5.6.27.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

Oracle Health Sciences Applications security vulnerabilities

Oracle Health Sciences Applications is a clinical research and development solution developed by Oracle Corporation for the healthcare industry in the United States. Version 7.0.1.0 of Oracle Life Sciences Central Designer in Oracle Health Sciences Applications contains a security vulnerability...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. There was a security vulnerability in the PeopleSoft...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise HCM Human Resources is one of...

mysql: DML unspecified vulnerability (CPU Oct 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

EUVD-2025-35263

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Upload Attachments. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the Server: DML component. A high privileged attacker can cause the server to hang or crash, and perform unauthorized update, insert, or delete operations on accessible data by sending crafted requests over the...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the InnoDB component. A high privileged attacker can cause the server to hang or crash, and may perform unauthorized update, insert, or delete operations on accessible data by sending crafted requests over the...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Applications Framework OA Framework, OAF is one of the business development platform...

EUVD-2024-39458

Malicious code in bioql PyPI...

mysql: mariadb: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Linux Distros Unpatched Vulnerability : CVE-2023-21937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are...

CVE-2025-31961

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

CVE-2023-21986

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Native Image. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the...

CVE-2023-21904

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications component: OBVAM Trn Journal Domain. Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult to exploit vulnerability allows high privileged attacker with network acces...

UBUNTU-CVE-2025-30693

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2025-21557

Vulnerability in Oracle Application Express component: General. Supported versions that are affected are 23.2 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attacks require human interacti...