CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

Oracle Agile Product Lifecycle Management for Process 安全漏洞

Oracle Agile Product Lifecycle Management for Process is a product lifecycle management system designed for the process industry by Oracle Corporation. Version 6.2.4 of Oracle Agile Product Lifecycle Management for Process contains a security vulnerability. This vulnerability stems from issues wi...

CVE-2026-40046

CVE-2026-40046 is an Integer Overflow/Wraparound vulnerability in Apache ActiveMQ and related modules (ActiveMQ, ActiveMQ All, ActiveMQ MQTT) caused by improper validation of the MQTT remaining length field. A fix intended for CVE-2025-66168 was applied only to 5.19.2+ but was missed for 6.0.0–6....

CVE-2025-13726 IBM Sterling Partner Engagement Manager Information Disclosure

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system...

EUVD-2026-3543

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Supplier Portal. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

EUVD-2026-3565

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2026-21969

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Supplier Portal. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

PT-2026-3694

Name of the Vulnerable Software and Affected Versions Oracle Agile Product Lifecycle Management for Process version 6.2.4 Description An easily exploitable issue exists in the Product Quality Management component of Oracle Agile Product Lifecycle Management for Process. A low-privileged attacker...

CVE-2025-48255

Cross-Site Request Forgery CSRF vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: from n/a through 6.2.4...

CVE-2025-48255 WordPress Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP <= 6.2.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP: from n/a through 6.2.4...

PT-2024-10910 · Appspace · Appspace

Name of the Vulnerable Software and Affected Versions: Appspace version 6.2.4 Description: The issue is related to Incorrect Access Control via the Appspace Web Portal password reset page. This allows potential exploitation. The estimated number of potentially affected devices worldwide is not...

Appspace 安全漏洞

Appspace is a software application from Appspace, Inc. provides built-in content policies to easily implement and enforce team communication programs. A security vulnerability exists in Appspace version 6.2.4 that stems from an access control error...

WordPress plugin RSVPMaker for Toastmasters 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

CVE-2023-6701

The Advanced Custom Fields ACF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including, 6.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...

LOYTEC LINX-212 Security Vulnerability

LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 6.2.4 firmware version. The vulnerability stems from the fact that the Web user interface requires login credentials for critical information data, debugging, configurations, etc., but the...

LOYTEC LINX-212 Access Control Error Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. An access control error vulnerability exists in the LOYTEC LINX-212 6.2.4 firmware version, which stems from a lack of authentication on the Web user interface, and can be exploited by an attacker to edit or delete current Web items, chang...

CVE-2023-0142

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager DSM before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors...

PT-2023-16031 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions 6.2.4-25556-7 and earlier, 7.0.1-42218-6 and earlier Synology DiskStation Manager DSM version 7.1-42660 and earlier Description: The issue allows remote authenticated users with administrator privileg...

XWiki 6.2.4 < 13.10.10, 14.x < 14.4.6, 14.5.x < 14.9 Eval Injection Vulnerability (GHSA-x2qm-r4wx-8gpg)

Xwiki is prone to an eval injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...