11 matches found
PT-2026-44508
Name of the Vulnerable Software and Affected Versions: Oracle REST Data Services versions 24.2.0 through 26.1.0 Description: An issue in the Core component allows a low privileged attacker with network access via HTTPS to compromise the system. Successful exploitation can lead to unauthorized acces...
CVE-2026-21931
Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX component: Brookstrut Sample App. Supported versions that are affected are 23.2.0, 23.2.1, 24.1.0, 24.2.0 and 24.2.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2025-30756
Vulnerability in Oracle REST Data Services component: General. The supported version that is affected is 24.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle REST Data Services. Successful attacks require human interaction from...
CVE-2024-55551
An issue was discovered in Exasol JDBC driver before 24.2.1 2024-12-10. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution...
Exasol JDBC Driver Security Vulnerability
Exasol JDBC Driver is a driver from Exasol for connecting to Exasol databases. A security vulnerability exists in Exasol JDBC Driver version 24.2.0: an attacker can inject malicious parameters into the JDBC URL, triggering a JNDI injection that could lead to remote code...
PT-2025-11684 · Exasol · Exasol Jdbc Driver
Name of the Vulnerable Software and Affected Versions: Exasol jdbc driver version 24.2.0 Description: An issue was discovered in the Exasol jdbc driver, where attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this U...
Vulnerabilities fixed in Oracle Communications
Oracle has fixed several vulnerabilities in its Communications products, including Oracle Communications Unified Assurance, Oracle Communications Cloud Native Core Network Function and Oracle Communications Order and Service Management. The vulnerabilities allow unauthenticated malicious actors t...
PT-2024-16486 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.1 to Infinity 24.2.0 Description: The issue is related to a Cross-Site Scripting (XSS) problem in the search feature of the Pega Platform. This type of issue allows attackers to inject malicious scripts into websites,...
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
Summary: Get a valid API token, make sure you can access API functions, then replace the string in my PoC code. Tested on the official OVA image; it's an old version, 23.9.1, but this vulnerability also exists in the latest version, 24.2.0. Details: in file apifunctions.php, line 307 for function listdevices php $orde...
thunderbird security update
24.2.0-1.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Make sure build with nspr-devel = 4.10.0 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-1 - Update to 24.1.0 ESR...
RHEL 5 / 6 : firefox (RHSA-2013:1812)
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings...