Oracle WebLogic Server - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...

PaperCut NG - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper...

Astra Linux – Vulnerability in Firefox

By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could be applied, leading to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox versions less than 87...

Astra Linux – Vulnerability in Firefox

The incorrect use of the '' method could lead to a “user-after-poison” situation and potentially cause a exploitable crash. This vulnerability affects Firefox versions earlier than 85...

Astra Linux – Vulnerability in Firefox and Thunderbird

While implementing AudioWorklets, some code may have converted one type to another, resulting in an invalid, dynamic type. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

Security Bulletin: OpenSSH client bug (CVE-2016-0777 and CVE-2016-0778)

Question Security Bulletin: OpenSSH client bug CVE-2016-0777 and CVE-2016-0778 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All...

EUVD-2026-37724

Dell PowerFlex Manager, versions 4.6.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

CVE-2026-46931

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.6-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-50032

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Spares Management versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Spares Management product. A low privileged attacker with network access via HTTPS...

PT-2026-49932

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2026-12189

The CVE-2026-12189 entry concerns Moovit Bus & Public Transit App 1.18 on Android, affecting the com.tranzmate component. The flaw is described as improper authorization in the handler for a custom URL scheme, enabling a local attacker to manipulate the app. Exploitability is local with low attac...

Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)

Question Is the Network IPS system affected by Ruby on Rails vulnerabilities? "Product":"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System","Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Component":"General...

CVE-2026-11522 Tenda W20E setPortMirror formSetPortMirror stack-based overflow

A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...

EUVD-2026-35056

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

janus-security-platform

Agentic Security Platform Payments-domain SAST + autonomous P...

CVE-2026-11473

A vulnerability was identified in jflyfox jfinalcms up to 5.1.0. This impacts the function list of the file AdvicefeedbackController.java. Such manipulation of the argument orderBy leads to sql injection. The attack can be launched remotely. The project was informed of the problem early through a...

CVE-2026-9564

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/viewpatient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation ...

PT-2026-47166

CVE-2026-8762 - Atlassian Confluence Server-Side Request Forgery CVE ID :CVE-2026-8762 Published : June 4, 2026, 2:16 p.m. | 57 minutes ago Description :Rejected reason: After analysis, the originally reported behaviour was determined not to constitute a security vulnerability. The findings were...

PT-2026-45102

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked domain/permitted domain/blocked domain list/permitted domain list results in stack-based buffer...

CVE-2026-9422 KLiK SocialMediaWebsite HTTP POST Request Parameter injection

A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The exploit is publicly available and might be used...