Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name

A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...

CVE-2026-46922

Vulnerability in the Oracle HR Intelligence product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle HR Intelligenc...

CVE-2026-46882

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Enterprise Infrastructure Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via JDENET to compromise ...

CVE-2026-46863

Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are MySQL Server: 8.4.0-8.4.9, 9.0.0-9.7.0; MySQL Cluster: 8.0.11-8.0.46, 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows...

PT-2026-49915

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Enterprise Capture version 12.2.1.4.0 Oracle WebCenter Enterprise Capture version 14.1.2.0.0 Description An issue exists in the Client Bundle component of the Oracle WebCenter Enterprise Capture product within Oracle Fusion...

PT-2026-49971

Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.4.0 through 8.4.9 MySQL Server versions 9.0.0 through 9.7.0 MySQL Cluster versions 8.0.11 through 8.0.46 MySQL Cluster versions 8.4.0 through 8.4.9 MySQL Cluster versions 9.0.0 through 9.7.0 Description An issue exists ...

CVE-2026-47213

Summary (CVE-2026-47213 / BoxLite) BoxLite’s execution timeout mechanism is vulnerable due to sending SIGALRM (catchable) to terminate a timed process instead of SIGKILL (uncatchable). The Timeout watcher invokes a sleep, then calls kill with SIGALRM, while the code comments indicate SIGKILL shou...

CVE-2026-53469

Migration-planner is affected. An authenticated user can issue a DELETE to /api/v1/sources that is not properly authorized/filtered, permitting destruction of all tenant data (sources, agents, assessments) and causing critical loss of availability and integrity across the SaaS platform. Affected ...

CVE-2026-53469

A flaw was found in migration-planner. An authenticated user can exploit this vulnerability by sending a DELETE request to the /api/v1/sources route, which lacks proper authorization and filtering. This allows for the destruction of all customer data, including sources, agents, and assessments,...

CVE-2026-41974

Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41986

Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41981

Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41983

DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41982

Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41973

Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41977

DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-41972

Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-44755

SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of th...

CVE-2026-44757

SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user�s browser within the context of the application. This issue has a low impact on the...