183 matches found
MINI-4QX4-RP45-395C
Bulletin has no description...
MINI-CWCP-WRPF-RV72
Bulletin has no description...
CVE-2026-34314
Oracle Financial Services Analytical Applications Infrastructure (OFSAAI), specifically the Platform component, is affected in versions 8.0.7.9, 8.0.8.7, and 8.1.2.5. The vulnerability allows a low-privilege, unauthenticated attacker with network access via HTTP to cause unauthorized creation, de...
CVE-2026-22003
CVE-2026-22003 affects Oracle Java SE (Hotspot) and Oracle GraalVM Enterprise Edition. Affected: Oracle Java SE 8u481 and 8u481-b50; GraalVM EE 21.3.17. The vulnerability allows a low-privilege, locally authenticated attacker to compromise the runtime and may lead to unauthorized data modificatio...
CVE-2009-0189
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1012. Reason: This candidate is a reservation duplicate of CVE-2009-1012. Notes: All CVE users should reference CVE-2009-1012 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...
EUVD-2026-4583
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
EUVD-2026-4284
PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the 'Comments / Special Instructions' parameter of the purchase page. Attackers can inject malicious JavaScript payloads that will execute when the page is refreshed, potentially allowing client-side script execution...
EUVD-2026-4254
Missing Authorization vulnerability in bestwebsoft Multilanguage by BestWebSoft multilanguage allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multilanguage by BestWebSoft: from n/a through = 1.5.2...
EUVD-2026-4419
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tapandsign Technologies Software Inc. Tap&Sign allows Cross-Site Scripting XSS.This issue affects Tap&Sign: through 23012026. NOTE: The vendor was contacted early about this disclosure but d...
EUVD-2026-4480
Discord Client Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Discord Client. An attacker must first obtain the ability to execute low-privileged code on the target system in...
EUVD-2026-4455
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...
EUVD-2026-3794
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress LearnPress Course Review learnpress-course-review allows Stored XSS.This issue affects LearnPress Course Review: from n/a through = 4.1.9...
EUVD-2026-3865
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in pavothemes Triply triply allows PHP Local File Inclusion.This issue affects Triply: from n/a through = 2.4.7...
EUVD-2026-3913
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion.This issue affects Hobo: from n/a through = 1.0.10...
EUVD-2026-3922
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion.This issue affects Modern Housewife: from n/a through = 1.0.12...
EUVD-2026-3910
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes DiveIt diveit allows PHP Local File Inclusion.This issue affects DiveIt: from n/a through = 1.4.3...
EUVD-2026-4011
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in noCreativity Dooodl dooodl allows Reflected XSS.This issue affects Dooodl: from n/a through = 2.3.0...
EUVD-2026-4045
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TangibleWP MyHome Core myhome-core allows PHP Local File Inclusion.This issue affects MyHome Core: from n/a through = 4.1.0...
EUVD-2026-4111
Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through = 1.8.2...
EUVD-2026-3429
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds...