315 matches found
PT-2026-38847
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...
BIT-JAVA-MIN-2020-14556
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
PT-2026-37826
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Orac...
PT-2026-37800
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....
PT-2026-38038
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...
PT-2026-38015
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracl...
EUVD-2026-24385
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...
EUVD-2026-24352
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
EUVD-2026-24364
Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: Identity Console. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2026-34277
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...
Oracle Life Sciences Empirica Signal 安全漏洞
Oracle Life Sciences Empirica Signal is a drug safety signal detection platform developed by Oracle Corporation. Versions 9.2.1 to 9.2.3 of Oracle Life Sciences Empirica Signal contain security vulnerabilities. These vulnerabilities stem from issues with the Common Core component, allowing...
Oracle Hyperion Infrastructure Technology 安全漏洞
Oracle Hyperion Infrastructure Technology is a corporate performance management infrastructure component developed by Oracle, a company in the United States. Version 11.2.24.0.000 of Oracle Hyperion Infrastructure Technology contains a security vulnerability. This vulnerability stems from issues...
Oracle User Management 安全漏洞
Oracle User Management is a user management system developed by Oracle, a company in the United States. There are security vulnerabilities in versions 12.2.7 to 12.2.15 of Oracle User Management. These vulnerabilities stem from issues with the Workflow and Business Events component. They may allo...
CVE-2026-5963
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2026-5302 Permissive Cross-domain Policy with Untrusted Domains in coolercontrold
CORS misconfiguration in CoolerControl/coolercontrold 4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites...
CVE-2026-22895
QuFTP Service exposes an XSS vulnerability (CVE-2026-22895). The issue is triggered when an attacker with administrator access can exploit it to bypass security controls or read application data. Affected versions are QuFTP Service 1.4.3 and earlier, 1.5.1 and earlier according to the fixes, with...
QNAP Systems QuFTP Service 跨站脚本漏洞
QNAP Systems QuFTP Service is a service component provided by QNAP Systems, a company based in Taiwan, China. It offers File Transfer Protocol services and remote file access management capabilities. The QNAP Systems QuFTP Service has a cross-site scripting vulnerability. This vulnerability stems...
OneUptime SQL注入漏洞
OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.23 contained a SQL injection vulnerability. This vulnerability stemmed from the telemetry aggregation API directly inserting...
HGiga C&Cm@il SQL注入漏洞
HGiga C&Cm@il is a mail collaboration system developed by China’s HGiga Corporation. HGiga C&Cm@il has a SQL injection vulnerability, which stems from insufficient input validation. This vulnerability could allow unverified remote attackers to inject arbitrary SQL commands to read data from the...
gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
Unbounded TLV length in ReadFile can cause Denial of Service Summary A Denial of Service vulnerability was identified in ReadFile where unbounded TLV length values could lead to excessive CPU and memory usage when processing data from a malicious or non-compliant NFC source. This issue has been...