9459 matches found
Oracle WebLogic Server - Remote Code Execution
The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...
PaperCut NG - Authentication Bypass
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper...
Astra Linux – Vulnerability in Firefox
If multiple instances of resource exhaustion occur at the wrong time, the garbage collector could cause memory corruption and potentially exploitable crashes. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...
Astra Linux – Vulnerability in Firefox
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could be applied, leading to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox versions less than 87...
Astra Linux – Vulnerability in Firefox
The incorrect use of the '' method could lead to a “user-after-poison” situation and potentially cause a exploitable crash. This vulnerability affects Firefox versions earlier than 85...
Astra Linux – Vulnerability in Firefox, Thunderbird
A use-after-free vulnerability in media channels could lead to memory corruption and potentially exploitable crashes. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Astra Linux – Vulnerability in Firefox and Thunderbird
While implementing AudioWorklets, some code may have converted one type to another, resulting in an invalid, dynamic type. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
Astra Linux – Vulnerability in Firefox, Thunderbird
After a Garbage Collector compaction, weak maps might have been accessed before they were properly traced. This led to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and Thunderbird...
Security Bulletin: OpenSSH client bug (CVE-2016-0777 and CVE-2016-0778)
Question Security Bulletin: OpenSSH client bug CVE-2016-0777 and CVE-2016-0778 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...
EUVD-2026-37724
Dell PowerFlex Manager, versions 4.6.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...
CVE-2026-46931
Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
PT-2026-49932
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
PT-2026-50032
Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Spares Management versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Spares Management product. A low privileged attacker with network access via HTTPS...
CVE-2026-12189
The CVE-2026-12189 entry concerns Moovit Bus & Public Transit App 1.18 on Android, affecting the com.tranzmate component. The flaw is described as improper authorization in the handler for a custom URL scheme, enabling a local attacker to manipulate the app. Exploitability is local with low attac...
Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)
Question Is the Network IPS system affected by Ruby on Rails vulnerabilities? "Product":"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System","Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Component":"General...
CVE-2026-11522 Tenda W20E setPortMirror formSetPortMirror stack-based overflow
A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...
EUVD-2026-35056
A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
janus-security-platform
Agentic Security Platform Payments-domain SAST + autonomous P...
CVE-2026-11473
A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...
CVE-2026-9564
A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...