CVE-2026-46868

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Extensibility Framework. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromis...

CVE-2026-46855

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metadata Plugin. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

CVE-2026-47350

Backend users were able to move records to a different page without having edit permissions on the source page. This issue affects TYPO3 CMS versions 13.0.0-13.4.31 and 14.0.0-14.3.3...

CVE-2026-34279

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Event Management. Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

Sony PlayStation 4 安全漏洞

The Sony PlayStation 4 is a home video game console developed by the Japanese company Sony. There were security vulnerabilities in the versions 13.00 to 13.02 of the Sony PlayStation 4. These vulnerabilities stemmed from the BD-J sandbox feature, which could allow an abnormal JAR file to escape,...

CLEANSTART-2026-WG59699 Security fixes for CVE-2024-47535, CVE-2024-47561, CVE-2024-7254, CVE-2025-24970, CVE-2025-25193, CVE-2025-33042, CVE-2025-48924, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-67735, CVE-2025-68161, CVE-2026-33870, CVE-2026-33871, CVE-2026-41417, CVE-2026-42577, ghsa-72hv-8253-57qq applied in versions: 13.9-r0, 13.9-r1, 13.9-r2

Multiple security vulnerabilities affect the wavefront-proxy package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-44516

Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers...

UBUNTU-CVE-2026-43001

An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied projectid for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credentia...

CVE-2021-22196

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4. It was possible to exploit a stored cross-site-scripting in merge request via a specifically crafted branch name...

SeaCMS SQL注入漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in SeaCMS 13.3 and earlier versions, which stems from the mishandling of the parameter page/limit b...

EUVD-2025-200256

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...

CVE-2025-59700

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition because of a lack of integrity protection...

CVE-2025-60135

CVE-2025-60135 is a Stored XSS in the WordPress plugin WeShare Buttons (WeShare Buttons: ≤13.0.0), caused by Improper Neutralization of Input During Web Page Generation. The vulnerability affects WeShare Buttons versions up to 13.0.0 and could allow injection of scripts into pages. The initial an...

Exploit for Use After Free in Google Android

CVE-2025-48543 Exploit: Android ART Use-After-Free Vulnerabili...

Linux Distros Unpatched Vulnerability : CVE-2023-4638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2023-4638 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable...

CVE-2025-59016

Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS versions 9.0.0-9.5.54, 10.0.0-10.4.53, 11.0.0-11.5.47, 12.0.0-12.4.36, and 13.0.0-13.4.17 allow backend users to disclose full file paths via failed low-level file-system operations...

Linux Distros Unpatched Vulnerability : CVE-2021-22201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server...

Linux Distros Unpatched Vulnerability : CVE-2020-13276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1 CVE-2020-13276...

CVE-2010-20120

Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.3 and earlier versions that stems from adminmembers.php not being handled correctly...