CVE-2026-48507

Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular users.edit permission to lock every admin out of the instance by editing the activated flag which determines whether or not a user can login and the...

Security update for mapserver (moderate)

openSUSE security update: security update for mapserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20476-1 Rating: moderate References: bsc1260869 Cross-References: CVE-2026-33721 Affected Products: openSUSE Leap 16.0...

PT-2026-3684

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62 Description A flaw exists in the Push Notifications component of Oracle PeopleSoft Enterprise PeopleTools. A low-privileged attacker with network access via HTTP can compromise the system. Successfu...

CVE-2025-53059

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: OpenSearch Dashboards. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSof...

CVE-2025-59952

MinIO Java SDK is a Simple Storage Service aka S3 client to perform bucket and object operations to any Amazon S3 compatible object storage service. In minio-java versions prior to 8.6.0, XML tag values containing references to system properties or environment variables were automatically...

PT-2025-39921

Name of the Vulnerable Software and Affected Versions MinIO Java SDK versions prior to 8.6.0 Description The MinIO Java SDK is a client for performing bucket and object operations with Amazon S3 compatible object storage services. Versions prior to 8.6.0 improperly handle XML tag values containin...

EasyVirt DC Scope和EasyVirt CO2 Scope 安全漏洞

EasyVirt DC Scope and EasyVirt CO2 Scope are both products of the French company EasyVirt.EasyVirt DC Scope is a monitoring and management solution for VMware Virtualization VMware.EasyVirt CO2 Scope is a real-time monitoring and control solution for IT services, virtual machines and servers in...

Atlassian Confluence Security Vulnerability

Atlassian Confluence is a suite of specialized enterprise knowledge management and collaboration software from Atlassian Australia that can also be used to build enterprise WiKi. A security vulnerability exists in Atlassian Confluence Data Center and Server that stems from the presence of a remot...

CVE-2023-21844

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

ITPison OMICARD EDM 路径遍历漏洞

ITPison OMICARD EDM is a high-speed email newsletter EDM marketing and distribution system from ITPison China. A security vulnerability exists in ITPison OMICARD EDM versions v5.8 to v6.0. The vulnerability stems from a path traversal in OMICARD EDM's Mail Image Forwarding feature, which can be...

PT-2021-3765 · Juniper Networks · Sbr Carrier

Name of the Vulnerable Software and Affected Versions: Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18 Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9 Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3 Description: The issue is caused by a stack-based buffer...

UBUNTU-CVE-2020-13941

Reported in SOLR-14515 private and fixed in SOLR-14561 public, released in Solr version 8.6.0. The Replication handler https://lucene.apache.org/solr/guide/86/index-replication.htmlhttp-api-commands-for-the-replicationhandler allows commands backup, restore and deleteBackup. Each of these take a...

Atlassian JIRA Server and Data Center Cross-Site Scripting Vulnerability

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. Atlassian JIRA Server is the server version of a defect tracking management system that is used to track and manage all...

Unspecified Vulnerability in Oracle Knowledge (CNVD-2020-26993)

Oracle Knowledge is the United States Oracle Oracle company's set of knowledge management solutions. Information Manager Console is one of the information management console components. A security vulnerability exists in the Information Manager Console component of Oracle Knowledge versions 8.6.0...

CVE-2020-2931

Vulnerability in the Oracle Knowledge product of Oracle Knowledge component: Web Applications - InfoCenter. Supported versions that are affected are 8.6.0-8.6.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge. Successfu...

CVE-2019-20405

The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery CSRF vulnerability...

CVE-2019-2719

Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM subcomponent: Web Applications InfoCenter. Supported versions that are affected are 8.5.1.0 - 8.5.1.7, 8.6.0 and 8.6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Joyent Node.js Unauthorized Access Vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on top of the Google V8 JavaScript engine platform. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...