Lucene search
K

384 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/09 7:9 a.m.4 views

CVE-2026-2234

C&Cm@il developed by HGiga has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read and modify any user's mail content...

9.3CVSS5.5AI score0.00449EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/29 9:24 a.m.11 views

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

5.3CVSS5.9AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/01/28 8:16 a.m.9 views

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

4.3CVSS0.00194EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/28 7:27 a.m.3 views

CVE-2026-1389 Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

4.3CVSS5.9AI score0.00194EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/01/28 7:27 a.m.6 views

CVE-2026-1389

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

5.3CVSS5.9AI score0.00194EPSS
Exploits0References6
EUVD
EUVD
added 2026/01/28 7:27 a.m.5 views

EUVD-2026-4916

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the...

5.3CVSS5.9AI score0.00194EPSS
Exploits0References5
CVE
CVE
added 2026/01/28 7:27 a.m.18 views

CVE-2026-1389

CVE-2026-1389 affects the WordPress plugin Document Embedder (

4.3CVSS5.9AI score0.00194EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.8 views

PT-2026-5079

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.4. This is due to the plugin not verifying that a user has permission to access the requested resource in the 'bplde sa...

5.3CVSS5.9AI score0.00194EPSS
Exploits0References6
NVD
NVD
added 2026/01/27 9:15 a.m.7 views

CVE-2026-21721

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...

8.1CVSS0.00647EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/01/21 10:24 p.m.5 views

CVE-2026-21946

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS5.5AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 10:16 p.m.4 views

CVE-2026-21971

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 10:15 p.m.10 views

CVE-2026-21943

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

6.1CVSS0.002EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 10:15 p.m.5 views

CVE-2026-21938

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.4CVSS5.8AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 10:15 p.m.4 views

CVE-2026-21934

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Push Notifications. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

5.4CVSS5.8AI score0.002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 9:56 p.m.2 views

CVE-2026-21946

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS7.2AI score0.002EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.8 views

PT-2026-3708

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft Enterprise HCM Human Resources version 9.2 Description A flaw exists in the PeopleSoft Enterprise HCM Human Resources component, specifically within Company Dir / Org Chart Viewer and Employee Snapshot. This issue allows a...

6.1CVSS7.3AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.11 views

PT-2026-3727

Name of the Vulnerable Software and Affected Versions Oracle Life Sciences Central Coding version 7.0.1.0 Description An easily exploitable issue exists in the Oracle Life Sciences Central Coding product, specifically within the Platform component. An unauthenticated attacker with network access...

6.5CVSS7.4AI score0.00187EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/17 3:22 a.m.15 views

CVE-2026-1019

Police Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

9.8CVSS7.1AI score0.00525EPSS
Exploits0References1
OSV
OSV
added 2026/01/16 3:16 a.m.5 views

CVE-2026-1019

Police Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References2
NVD
NVD
added 2026/01/16 3:16 a.m.6 views

CVE-2026-1019

Police Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality...

9.8CVSS0.00525EPSS
Exploits0References2
Rows per page
Query Builder