CVE-2026-54219

UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize user input, allowing low privileged attackers to inject arbitrary JavaScript that executes in a victim's browser upon viewing. Because vendor contact attempts were...

CVE-2026-35069

Dell PowerFlex Manager, versions Versions, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection...

CVE-2026-35069

CVE-2026-35069 affects Dell PowerFlex Manager. The issue is an SQL injection caused by improper neutralization of special elements in SQL commands within the product’s components, allowing a low-privileged, adjacent-network attacker to potentially perform script injection. Impact described includ...

CVE-2026-35068

Dell PowerFlex Manager is affected by an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands. The issue could allow a low-privileged attacker with adjacent network access to cause information disclosure. The available descriptions identify the vulnerabil...

EUVD-2026-37736

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

CVE-2026-35067

Technical details are not publicly available in the provided documents. Monitor for updates from Dell/NVD for affected PowerFlex Manager versions, root cause, impact, and remediation.

CVE-2026-46972

Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2026-46895

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: Core. Supported versions that are affected are V15 and V16. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise...

CVE-2026-46814

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-46804

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content...

CVE-2026-46767

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Composer. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter...

CVE-2026-35323

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-35325

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-35311

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server. Successful...

CVE-2026-35316

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-35295

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-50001

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite iSupplier Portal versions 12.2.3 through 12.2.15 Description An issue exists in the Home Page component of the Oracle iSupplier Portal. A low privileged attacker with network access via HTTPS can compromise the system,...

PT-2026-49867

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware component: WebCenter Sites. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2026-49888

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Content version 12.2.1.4.0 Oracle WebCenter Content version 14.1.2.0.0 Description An issue exists in the Content Server component of the Oracle WebCenter Content product within Oracle Fusion Middleware. A low privileged...

PT-2026-50002

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Command Center Framework versions V15 through V16 Description A flaw in the Core component of the Oracle Enterprise Command Center Framework allows a low privileged attacker with network access via HTTP to compromise the...