PT-2026-38878

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: AWT, JavaFX. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

CVE-2026-21357

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction, specifically the victim opening a malicious file. CVSSv3.1 base score 7.8 (HIGH) with Loca...

CVE-2021-0347

In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...

EUVD-2017-7778

Malware in sbrugna...

CVE-2025-26443

In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

CVE-2024-49731

In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

UBUNTU-CVE-2025-50081

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

CVE-2021-2315

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

UBUNTU-CVE-2025-21520

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL...

CVE-2023-38104

GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2021-34906

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2021-2347

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructu...

CVE-2020-2966

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2020-2796

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite component: Message Display. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Emai...

CVE-2019-2167

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501...

CVE-2018-14302

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-2949

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

mysql: Logging unspecified vulnerability (CPU Jan 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Logging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQ...

OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

CVE-2017-3357

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...