CVE-2021-2066

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

CVE-2021-2240

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-2023

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Bas...

CVE-2021-35580

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2021-35595

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Business Interlink. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2011-4169

Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2010-2707

Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors...

CVE-2025-20242

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise CCE could allow an unauthenticated, remote attacker to read and modify data on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this...

CVE-2025-20223

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP...

CVE-2025-3708

Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

CVE-2025-30713

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager product of Oracle PeopleSoft component: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

UBUNTU-CVE-2025-30698

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

Synology Mail Server 安全漏洞

Synology Mail Server is an email server from China-based Synology Inc. A security vulnerability exists in Synology Mail Server, which originates from the ability to bypass access restrictions to read or modify data...

The vulnerability of the Service Layer component of the SAP Business One resource management system allows a malicious actor to enhance their privileges and gain access to read, modify, and/or add data.

The vulnerability of the Service Layer component of the SAP Business One resource management system is related to improper session management. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and gain access to read, modify, and/or add data...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper API access control mechanisms. An attacker can modify data type information that should be restricted by exploiting the insufficient security restrictions applied to low-privilege user accounts...

SAP Business One 授权问题漏洞

SAP Business One is a suite of business management software from the German company SAP. The software includes functionality for financial management, operations management, and human resource management. SAP Business One suffers from an authorization issue vulnerability that stems from improper...

CVE-2024-50405

An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We have already fixed the...

The vulnerability of the setQuickCfgWifiAndLogin() function in the Tenda W18E router software allows a hacker to bypass security restrictions and gain access to read, modify, or delete data.

The vulnerability of the setQuickCfgWifiAndLogin function in the Tenda W18E router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions and gain access to read, modify, or delete data ...

mysql: mysqldump unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...