EUVD-2026-24366

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2026-41191 FreeScout's signature only mailbox permission allows unauthorized mailbox chat setting changes

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, MailboxesController::updateSave persists chatstartnew outside the allowed-field filter. A user with only the mailbox sig permission sees only the signature field in the UI, but can still change the hidden...

EUVD-2026-24179

UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...

CVE-2026-31014

Dovestones Softwares AD Self Update 4.0.0.5 is vulnerable to Cross Site Request Forgery CSRF. The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent protection. The endpoint accepts application/x-www-form-urlencoded requests, and an originally...

Silex Technology SD-330AC and AMC Manager

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

Oracle Identity Manager 安全漏洞

Oracle Identity Manager is an identity governance platform provided by Oracle Corporation in the United States. It offers capabilities for managing the identity lifecycle and implementing access control. Versions 12.2.1.4.0 and 14.1.2.0.0.0 of Oracle Identity Manager contain security...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011401 advisory. In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosu...

Oracle Workflow 安全漏洞

Oracle Workflow is a business process automation engine developed by Oracle, a US-based company. Versions 12.2.3 to 12.2.15 of Oracle Workflow contain security vulnerabilities. These vulnerabilities stem from issues with the Workflow Loader component. Vulnerable attackers could exploit these...

Infoopia Dovestones AD Self Update 安全漏洞

Infoopia Dovestones AD Self Update is a self-service catalog information update tool developed by the Canadian company Infoopia. Versions of Infoopia Dovestones AD Self Update prior to 4.0.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the lack of CSRF token protection...

CVE-2026-31014

CVE-2026-31014 affects Dovestones Softwares AD Self Update

Oracle Java SE 安全漏洞

Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Version 25.0.1 of Oracle Java SE contains a security vulnerability. This vulnerability...

WWBN AVideo 跨站请求伪造漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from three JSON endpoints accessible only to administrators: objects/categoryAddNew.json.ph...

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

USN-8098-10 linux-raspi, linux-raspi-5.4 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

EUVD-2026-23755

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication...

CVE-2026-32962

CVE-2026-32962 affects the SD-330AC and AMC Manager from Silex Technology, with a missing authentication for a critical function that could allow device configuration to be altered without authentication. Per the available metrics, the CVSS scores are 5.3 (3.1 CVSS) and 6.9 (4.0 CVSS), both indic...

CVE-2026-32962

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication...

PT-2026-33700

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication...

Silex SD-330AC和Silex AMC Manager 安全漏洞

Silex SD-330AC and Silex AMC Manager are both products of the Japanese company Silex. Silex SD-330AC is a device server that provides wireless network connectivity and the ability to share with USB devices. Silex AMC Manager is a management software used for centralized management of device serve...