308 matches found
CVE-2026-46972
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2026-46973
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2026-46930
Vulnerability in the Oracle In-Memory Cost Management for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.12-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS...
PT-2026-50071
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
PT-2026-50034
Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle In-Memory Cost Management for Discrete Industries versions 12.2.12 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle In-Memory Cost Management for Discrete Industries...
PT-2026-50070
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
MAL-2026-5522 Malicious code in @orion-design-system/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd5d007da2de0a07fc1a0d999cccbf71a748627c82c9b2000d161eb248a5a0f package.json declares a preinstall hook that runs an inline node -e script reading os.hostname and os.userInfo.username and transmitting them via HTT...
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025...
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
Targeting multiple industries worldwide, the InstallFix campaign uses fake Claude AI installer pages to trick users into running malware that collects system information, disables security features, achieves persistence, and connects to attacker-controlled C&C servers for additional payloads...
CVE-2026-30287
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30287
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
PT-2026-29519
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries
We look into a stealthy multi‑stage attack campaign that delivers PureLog Stealer entirely in memory using encrypted, fileless techniques...
Zed 安全漏洞
Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.224.4 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the tar extractor created symbolic links without proper verification, which could lead to code execution...
Zed 安全漏洞
Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.219.4 contained security vulnerabilities. These vulnerabilities stemmed from insufficient display of tool invocation parameters, allowing malicious values to be used without being detected by users...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
EUVD-2025-206537
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
CVE-2025-55704 describes a hidden functionality issue in multiple Brother MFPs that may allow an attacker to obtain logs from the affected product and access sensitive information contained in those logs. The issue is surfaced across multiple feeds (NVD, Red Hat, JVN, CIRCL, CVE list, EUVD, etc.)...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
Brother Industries Brother MFPs security vulnerabilities
Brother Industries Brother MFPs is a multi-functional printer from the Japanese company Brother Industries. There are security vulnerabilities associated with Brother Industries Brother MFPs, which stem from hidden functions that may allow attackers to access sensitive information in the logs...