Lucene search
K

1734 matches found

Nuclei
Nuclei
added yesterday11 views

IBM Planning Analytics - Authentication Bypass & Remote Code Execution Version Detection

IBM Planning Analytics versions 2.0.0 through 2.0.8 are vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting. id: CVE-2019-4716 info: name: IBM Planning Analytics - Authentication Bypass & Remote...

10CVSS7.2AI score0.86441EPSS
Exploits6References3
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-50644 SQL Injection in SOPlanning Audit Retention Configuration

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS0.00277EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-13011 ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support <= 1.17.5 - Authenticated (HR Manager+) SQL Injection via 'orderby' Parameter

The ERP: Complete HR, Accounting & CRM Suite with Recruitment and WooCommerce CRM Support plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 1.17.5 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 8:16 a.m.9 views

CVE-2026-14807

ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view application code and obtain the database account and password...

9.8CVSS0.00463EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55872

Name of the Vulnerable Software and Affected Versions ERP App developed by PROG MIS affected versions not specified Description The application contains hard-coded credentials, which are passwords or usernames embedded directly into the software source code. This allows unauthenticated remote...

9.8CVSS6.2AI score0.00463EPSS
Exploits0References9
Microsoft Secure
Microsoft Secure
added 2026/06/30 7:0 p.m.10 views

Accelerating the quantum-safe timeline

The quantum-safe timeline has changed For years, planning for post-quantum cryptography PQC was framed as a future problem: important, inevitable, but distant. That perspective is evolving as technology advances and organizations prepare for the scale and complexity of the transition ahead. At...

6AI score
Exploits0
CVE
CVE
added 2026/06/29 5:20 p.m.20 views

CVE-2026-57950

Summary (CVE-2026-57950): ruoyi-vue-pro before 2026.05 contains a broken access control in ErpSaleOrderController due to incorrect permission namespace enforcement. The controller applies the erp:sale-out namespace instead of the intended erp:sale-order namespace, allowing attackers with erp:sale...

8.6CVSS5.8AI score0.00294EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 10:54 a.m.11 views

CVE-2026-46940

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite component: Cost Planning. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.10 views

CVE-2026-46942

Vulnerability in the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.9 views

CVE-2026-46929

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite component: Cost Planning. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Cost Management...

8.8CVSS0.00402EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 2:15 a.m.9 views

Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics

Summary Multiple vulnerabilities were addressed in IBM Planning Analytics Local. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency with...

7.5CVSS6.8AI score0.00808EPSS
Exploits8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50043

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Cost Management versions 12.2.3 through 12.2.15 Description An issue exists in the Cost Planning component of the Oracle Cost Management product. A low privileged attacker with network access via HTTP can exploit...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50033

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Cost Management versions 12.2.3 through 12.2.15 Description An issue exists in the Cost Planning component of the Oracle Cost Management product. A low privileged attacker with network access via HTTP can exploit...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-50044

Name of the Vulnerable Software and Affected Versions Oracle Process Manufacturing Process Planning versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Process Manufacturing Process Planning product of Oracle E-Business Suite. A low...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50041

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Cost Management versions 12.2.3 through 12.2.15 Description An issue exists in the Cost Planning component of the Oracle Cost Management product. A high privileged attacker with network access via HTTP can exploi...

7.2CVSS5.8AI score0.00453EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/10 3:6 p.m.54 views

rspwner

RSPWNER RSPWNER is a Rust-based AI-assisted CTF pwn assistant...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.14 views

ECYSAP EYE: From Cyber Situational Awareness to Mission-Centric Decision Support for Enhanced Cyberspace Operations

Operational organizations increasingly require Cyber Situational Awareness CySA capabilities that go beyond isolated technical alerts, providing mission-relevant artefacts that can be embedded into heterogeneous toolchains and cyber security or cyber defense processes. ECYSAP EYE addresses this...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/06/09 7:15 p.m.11 views

EUVD-2026-35796

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP users to inject malicious payloads into faculty and course fields by exploiting missing HTML encoding...

5.4CVSS5.3AI score0.00196EPSS
Exploits0References3
Akamai Blog
Akamai Blog
added 2026/06/09 1:0 p.m.8 views

Post-Quantum Cryptography Is Coming, but Your DNS Might Not Be Ready

Learn why crypto-agility depends not just on adopting the right standards, but on maintaining a clear, unified view of your DNS environment before the migration begins...

5.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/09 12:20 a.m.8 views

CVE-2026-44744 SQL Injection vulnerability in SAP S/4HANA

SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...

6.5CVSS5.7AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder