CVE-2026-34300

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft component: Contracts. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts...

CVE-2026-22006

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

PT-2026-34087

Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft component: Person Search. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise H...

PT-2026-34090

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft component: Absence Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

Vim < 9.2.0077 Heap-based Buffer Overflow (GHSA-r2gw-2x48-jj5p)

The version of Vim installed on the remote host is prior to 9.2.0077. It is, therefore, affected by a vulnerability as referenced in the GHSA-r2gw-2x48-jj5p advisory. - Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault...

CVE-2026-25731

Calibre prior to version 9.2.0 contains a Server-Side Template Injection (SSTI) vulnerability in its Templite templating engine that can lead to arbitrary code execution when a malicious custom template is used with --template-html or --template-html-index during ebook conversion. The issue is fi...

CVE-2026-21961

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Company Dir / Org Chart Viewer, Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2026-21961

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Company Dir / Org Chart Viewer, Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

EUVD-2025-200228

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other capabilities. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

Mockoon 安全漏洞

Mockoon is an interface software of mockoon open source. A security vulnerability exists in Mockoon versions prior to 9.2.0 that stems from a path traversal and local file inclusion vulnerability in the static file service configuration...

CVE-2024-28417

Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/wecmd.php...

CVE-2023-44764

A Cross Site Scripting XSS vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation aka Site of Installation or Settings...

CVE-2021-2404

Vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway product of Oracle PeopleSoft component: e-mail notification. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Tools Specifically for versions 9.2.0.0 to 9.2.9.2. The vulnerabilities in JD Edwards EnterpriseOne Tools allow unauthenticated malicious actors to access the system via HTTP, which can lead to unauthorized access to and manipulation of...

CVE-2025-26818

Netwrix Password Secure through 9.2 allows command injection...

Oracle PeopleSoft Enterprise CC Common Application Objects 安全漏洞

Oracle PeopleSoft Enterprise CC Common Application Objects is a Common Application Objects component from Oracle Corporation USA. A security vulnerability exists in Oracle PeopleSoft Enterprise CC Common Application Objects version 9.2. An attacker could exploit the vulnerability to update, inser...

Oracle JD Edwards Products 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle Corporation USA. The products provide application modules for financial management, project management, and asset lifecycle management.JD Edwards EnterpriseOne Tools is one of the...

qdPM Path Traversal Vulnerability

qdPM is a web-based open source project management tool. A security vulnerability exists in qdPM version 9.2 that stems from the presence of a directory traversal vulnerability. Allows an attacker to list files and directories by navigating to the /uploads URI...

IBM License Metric Tool Path Traversal Vulnerability

The IBM License Metric Tool is a set of free tools from International Business Machines IBM that help IBM Passport Advantage Software Upgrade and Support Services customers determine their Processor Value Unit PVU license requirements. A path traversal vulnerability exists in IBM License Metric...