CVE-2025-15466

The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple AJAX actions in all versions up to, and including, 3.6.9. This makes it possible for authenticated attackers, with...

PT-2026-3696

Name of the Vulnerable Software and Affected Versions Oracle JD Edwards versions 9.2.0.0 through 9.2.26.0 Description A flaw exists within the Web Runtime SEC component of Oracle JD Edwards EnterpriseOne Tools that allows an unauthenticated attacker with network access via HTTP to compromise the...

PT-2026-3718

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft Enterprise SCM Purchasing version 9.2 Description An easily exploitable issue exists in the Purchasing component of Oracle PeopleSoft Enterprise SCM Purchasing. A low-privileged attacker with network access via HTTP can...

PT-2026-3674

Name of the Vulnerable Software and Affected Versions Oracle Utilities Application Framework versions 4.4.0.3.0 through 4.5.0.2.0 Oracle Utilities Application Framework versions 25.4 and 25.10 Description A flaw exists within the Oracle Utilities Application Framework component of Oracle Utilitie...

Oracle E-Business Suite security vulnerabilities

Oracle E-Business Suite is a comprehensive, integrated global business management software developed by Oracle Corporation in the United States. This software offers features such as customer relationship management, service management, and financial management. Vulnerabilities exist in versions...

Oracle Financial Services Applications security vulnerabilities

Oracle Financial Services Applications is a set of financial services software developed by Oracle Corporation in the United States. This product includes core banking, online banking, and property management functions. FLEXCUBE Investor Servicing is a comprehensive solution component that provid...

Oracle Hyperion security vulnerabilities

Oracle Hyperion is a financial modeling application developed by Oracle Corporation in the United States. This software provides functions such as financial settlement and report generation. A security vulnerability exists in the Oracle Planning and Budgeting Cloud Service version 25.04.07 of...

Oracle Java SE security vulnerabilities

Oracle Java SE is a product developed by Oracle Corporation in the United States. It is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Version Oracle Java SE 8u471-b50 contains a security vulnerability. This vulnerability...

Oracle PeopleSoft security vulnerabilities

Oracle PeopleSoft is a corporate human capital management solution developed by Oracle Corporation in the United States. This product offers functions such as human capital management, financial management, and supplier relationship management. PeopleSoft Enterprise PeopleTools is a tool and...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a company in the United States. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization from desktops to data centers. VM VirtualBox is one o...

PT-2026-3675

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u471, 8u471-b50, 8u471-perf Oracle Java SE version 11.0.29 Oracle Java SE version 17.0.17 Oracle Java SE version 21.0.9 Oracle Java SE version 25.0.1 Oracle GraalVM for JDK versions 17.0.17 and 21.0.9 Oracle GraalVM...

PT-2026-3709

Name of the Vulnerable Software and Affected Versions Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in for Apache HTTP Server, and Oracle Weblogic Server Proxy Plug-in for IIS versions 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 are affected. Description An easily exploitable vulnerability...

PT-2026-3701

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Integration Broker component of Oracle PeopleSoft Enterprise PeopleTools. An unauthenticated attacker with network access via HTTP can compromise the system...

PT-2026-3693

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15 Description An easily exploitable issue exists in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. An unauthenticated attacker with network access via...

PT-2026-3673

Name of the Vulnerable Software and Affected Versions Oracle Life Sciences Central Designer version 7.0.1.0 Description An easily exploitable issue affects Oracle Life Sciences Central Designer, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful...

CVE-2025-15466 Image Photo Gallery Final Tiles Grid <= 3.6.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Gallery Management

The Image Photo Gallery Final Tiles Grid plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple AJAX actions in all versions up to, and including, 3.6.9. This makes it possible for authenticated attackers, with...

CVE-2025-15534

A flaw was found in raylib. A local user could exploit an integer overflow vulnerability in the LoadFontData function. This flaw may lead to information disclosure, data modification, or denial of service, impacting the availability, integrity, and confidentiality of the application. Mitigation...

WordPress Aplazo Payment Gateway plugin missing privileges vulnerability

WordPress Aplazo Payment Gateway plugin is a payment gateway plugin for WooCommerce stores that allows customers to choose "buy now, pay later" payment method at the time of purchase. A lack of privileges vulnerability exists in WordPress Aplazo Payment Gateway plugin, which can be exploited by a...

WordPress Responsive Accordion Slider plugin unauthorized data modification vulnerability

WordPress Responsive Accordion Slider plugin is a WordPress plugin that combines the functionality of folding panels Accordion and rotating images Slider. The WordPress Responsive Accordion Slider plugin suffers from an unauthorized data modification vulnerability that stems from a lack of...

WordPress Float Payment Gateway plugin unauthorized data modification vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An unauthorized data modification vulnerability exists in the WordPress Float Payment Gateway plugin that stems from mishandling of errors and can be exploited by an attacker to...