security-audit

security-audit A Claude Code skill + plugin marketplace for a...

Oracle Siebel Server <= 25.11 (April 2026 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Server Infrastructure Apache Log4j. Supported versions that ar...

CVE-2026-21926

Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Server Infrastructure. Supported versions that are affected are 17.0-25.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Siebel CRM Deployment. Successfu...

Oracle Siebel Server <= 25.2 (January 2026 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2026 CPU advisory. - Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Server Infrastructure. Supported versions that are affected are...

CVE-2026-21926

Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Server Infrastructure. Supported versions that are affected are 17.0-25.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Siebel CRM Deployment. Successfu...

EUVD-2015-2679

Malware in sbrugna...

EUVD-2015-0378

Malware in sbrugna...

EUVD-2024-2194

Malicious code in bioql PyPI...

EUVD-2025-5939

Malicious code in bioql PyPI...

GHSA-WJMJ-H3XC-HXP8 Generation of Error Message Containing Sensitive Information in zsa

Impact All users are impacted. The zsa application transfers the parse error stack from the server to the client in production build mode. This can potentially reveal sensitive information about the server environment, such as the machine username and directory paths. An attacker could exploit th...

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users." The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine,...

A Look Into Purple Fox’s Server Infrastructure

By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers SOCs, and security researchers find and weed out Purple Fox infections in their network...

CVE-2021-2368

Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Siebel Core - Server Infrastructure. Supported versions that are affected are 21.5 and Prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Siebel CRM. Successf...

New Kimsuky Module Makes North Korean Spyware More Powerful

A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" aka Black Banshee or Thallium and believed to be...

CVE-2019-2536

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MyS...

OWASP Top 10 2017 is Released

The Journey to the New and Improved Ten Most Critical Web Application Security Risks It was not too long ago that protecting your web server infrastructure consisted of simply placing the servers in their own zone behind the firewall and just opening a couple of ports. Outside of endpoint...

CVE-2015-2587

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure...

Design/Logic Flaw

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure...

CVE-2015-2587

CVE-2015-2587 affects Oracle Siebel CRM versions 8.1.1, 8.2.2 and 15.0 in the Siebel UI Framework component, specifically the SWSE Server Infrastructure. The vulnerability, described in connected Nessus data, enables network-based access that can lead to unauthorized update/insert/delete operatio...

CVE-2015-2587

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure...