CVE-2026-34307

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

CVE-2026-34277

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2026-27681

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

PT-2026-38721

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

CVE-2026-34307

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

CVE-2026-34269

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

ROS-20260216-73-0032

A vulnerability in the Networking component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain access ...

CVE-2026-2094 Flowring｜Docpedia - SQL Injection

Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

EUVD-2026-3541

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

DEBIAN-CVE-2026-21933

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

PT-2026-3684

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Push Notifications component of Oracle PeopleSoft Enterprise PeopleTools. A low-privileged attacker with network access via HTTP can compromise the system. Successfu...

CVE-2025-14446 Popup Builder <= 1.1.37 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Reset

The Popup Builder Easy Notify Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the easynotifycpreset function in all versions up to, and including, 1.1.37. This makes it possible for authenticated attackers, with Subscriber-level...

Malicious code in quick_aardwolf_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 293ccf1d341de436a4f8c00b3f3919cd96fc18c3508a7890c89e5227f81fc884 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-12865

U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents...

CVE-2025-61762

Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft component: Payables. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Payables...

CVE-2025-61753

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

EUVD-2021-18892

Malware in sbrugna...

CVE-2023-22050

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards component: E1 IOT Orchestrator Security. Supported versions that are affected are Prior to 9.2.7.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD...

CVE-2023-21998

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...