28 matches found
CVE-2026-46896
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Enterprise...
CVE-2026-46902
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Enterprise...
CVE-2026-46895
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...
PT-2026-50006
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 through V16 Description An issue exists in the Core component of the Oracle Enterprise Command Center Framework. A low privileged attacker with network access via HTTP can compromise the...
PT-2026-50005
Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 through V16 Description An issue in the Core component of the Oracle Enterprise Command Center Framework allows an unauthenticated attacker with network access via HTTPS to compromise the...
CVE-2026-34684
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-37884
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...
CVE-2026-27312 Bridge | Heap-based Buffer Overflow (CWE-122)
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
FreeBSD-SA-26:06.tcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:06.tcp Security Advisory The FreeBSD Project Topic: TCP: remotely exploitable DoS vector mbuf leak Category: core Module: tcp Announced: 2026-03-26 Credits:...
EUVD-2026-9384
SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding unencrypted content, allowing exposure of sensitive information to an unauthorized actor...
CVE-2026-21349
Lightroom Desktop vulnerable to an out-of-bounds write (CWE-787) in version 15.1 and earlier, enabling arbitrary code execution in the current user context after opening a malicious file. Affected products/versions are consistently stated across CVE sources (NVD/Red Hat). Root cause is an out-of-...
CVE-2025-66432
In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...
CVE-2025-66432
In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...
Oxide Control Plane 安全漏洞
Oxide Control Plane is an open source console software from Oxide Computer Company. A security vulnerability exists in Oxide Control Plane versions 15 through 17 and prior to 17.1, which stems from the possibility that API tokens may continue to be used after expiration...
FreePBX 路径遍历漏洞
FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A path traversal vulnerability exists in FreePBX versions 15, 16, and 17, which stems from a malicious...
CVE-2024-33328
A cross-site scripting XSS vulnerability in the component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the pageId parameter...
IBM Personal Communications 缓冲区错误漏洞
IBM Personal Communications is a host communications and terminal emulation package for Microsoft Windows from International Business Machines IBM. Now with a full 64-bit architecture, it features Virtual Terminal VT emulation and System Network Architecture SNA application support, and provides ...
GitLab Enterprise Edition Security Vulnerability
GitLab Enterprise Edition EE is a content management system from the US-based GitLab, Inc. A security vulnerability exists in GitLab Enterprise Edition that stems from a security hole when updating a target branch. Affected products and versions: GitLab EE versions 15.3 through 16.2.8 prior, 16.3...
PT-2023-28972 · Withsecure · Withsecure Elements Endpoint Protection +5
Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...
Odoo 跨站脚本漏洞
Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security vulnerability...