CVE-2026-22006

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

PT-2023-29364 · Galleon · Galeon

Name of the Vulnerable Software and Affected Versions: Galleon affected versions not specified Description: An improper initialization issue was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This could allow an attacker to acces...

eap-galleon: custom provisioning creates unsecured http-invoker

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

eap-galleon: custom provisioning creates unsecured http-invoker

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server...

PT-2022-2829 · Sonicwall · Sonicwall Sma1000

Name of the Vulnerable Software and Affected Versions: SonicWall SMA1000 series firmware versions prior to 12.4.1-02965 Description: The issue is related to insufficient access control in the firmware of SonicWall SMA 1000 series firewalls. This can allow a remote attacker to gain unauthorized...

CVE-2022-24595

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP or WebSocket request to the socket listened by the afb-daemon process. No...

CVE-2021-2277

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2021-2033

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core Components. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2020-2716

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2888

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: EJB Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a malicious actor to gain unauthorized access to protected data

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the HTTP protocol...

CVE-1999-1264

WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled...