EUVD-2026-36778

An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request...

Exploit for Improper Authentication in Oracle Concurrent_Processing

Affected Software: Oracle BI Publisher versions 12.2.1.4.0, 12...

Oracle Siebel Server <= 25.9 (January 2026 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Application Interface jquery-cookie. Supported versions that...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows attackers to bypass security functions and gain unauthorized access to protected information.

The vulnerability of the integration component of the Magento Commerce software development and management platform is related to authentication errors. Exploiting this vulnerability allows an attacker to bypass security functions and gain unauthorized access to protected information...

The vulnerability of the integration component of the Magento Commerce software development and management platform relates to the lack of protection against cross-site request forgery attacks. This allows attackers to perform unauthorized changes to user metadata.

The vulnerability of the integration component of the Magento Commerce software platform for online store development and management is related to the lack of protection against cross-site request forgery attacks. Exploiting this vulnerability allows a malicious actor to perform unauthorized...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows attackers to gain unauthorized access to protected information.

The vulnerability of the integration component of the Magento Commerce software development and management platform is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by using...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows a malicious user to delete CMS pages via the REST API without authentication.

The vulnerability of the integration component of the Magento Commerce software for developing and managing online stores is related to authentication errors. Exploiting this vulnerability allows a malicious actor to delete CMS pages through the REST API without authentication...

CVE-2020-2564

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI. Supported versions that are affected are 19.10 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of th...

PT-2020-1515 · Oracle · Siebel Ui Framework

Name of the Vulnerable Software and Affected Versions: Oracle Siebel CRM Siebel UI Framework versions 19.10 and prior Description: The issue is related to insufficient access control in the EAI component of the Siebel UI Framework. It allows an unauthenticated attacker with network access via HTT...

CVE-2018-2956

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: Integration. The supported version that is affected is 5.5.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Orac...

CVE-2018-2955

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: Integration. The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Cisco Identity Services Engine Active Directory Integration Component Denial of Service Vulnerability

The Cisco Identity Services Engine Active Directory Integration Component is an Active Directory integration component for the Cisco Identity Services Engine. The Cisco Identity Services Engine Active Directory Integration Component fails to properly process PAP authentication requests, allowing...

CVE-2015-0402

Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Integration - COM...