GHSA-8RH5-4MVX-XJ7J CI4MS Vulnerable to Post-Installation Re-entry via Cache-Dependent Install Guard Bypass

Summary The install route guard in ci4ms relies solely on a volatile cache check cache'settings' combined with .env file existence to block post-installation access to the setup wizard. When the database is temporarily unreachable during a cache miss TTL expiry or admin-triggered cache clear, the...

CVE-2026-28215

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP settings by sending a single HTTP POST request wi...

CVE-2019-2867

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualB...

EUVD-2019-12566

Malware in sbrugna...

EUVD-2017-12722

Malware in sbrugna...

EUVD-2020-7008

Malware in sbrugna...

EUVD-2025-11079

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-21886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.42 and prior t...

Linux Distros Unpatched Vulnerability : CVE-2024-21272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0 and prior. Difficult t...

CVE-2025-5095

Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforc...

CVE-2025-53028

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle ...

CVE-2022-21337

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

Linux Distros Unpatched Vulnerability : CVE-2018-2755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.59 and prior, 5.6.39...

CVE-2024-20997

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications component: Simphony Enterprise Server. Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

Oracle Analytics 安全漏洞

Oracle Analytics is an enterprise analytics solution from Oracle Corporation USA. A security vulnerability exists in Oracle Analytics Desktop prior to version 8.1.0 for Oracle Analytics. An attacker exploiting this vulnerability could cause Oracle Analytics Desktop to be taken over...

Oracle Virtualization 安全漏洞

Oracle Virtualization is a suite of virtualization solutions from Oracle Corporation USA. The product is used to unify the management of the entire hardware and software architecture from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of th...

Oracle ZFS Storage Appliance 安全漏洞

Oracle ZFS Storage Appliance is a flash-enabled, petabyte-scale file storage with built-in Oracle database from Oracle Corporation USA. A security vulnerability exists in Oracle Systems' Oracle ZFS Storage Appliance Kit. An attacker could exploit the vulnerability to cause the Oracle ZFS Storage...

Oracle Virtualization 安全漏洞

Oracle Virtualization and Oracle VM VirtualBox are both products of Oracle Corporation.Oracle Virtualization is a suite of virtualization solutions. The product is used to unify the management of the entire hardware and software system from the application to the disk, can be achieved from the...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Workflow for Oracl...

Dell PowerProtect Cyber Recovery 安全漏洞

Dell PowerProtect Cyber Recovery is a network data recovery software and solution from Dell USA. A security vulnerability exists in Dell PowerProtect Cyber Recovery. An attacker exploiting this vulnerability could take over the system completely...