|
3021
|
9.8 |
CRITICAL
Network
|
oracle
|
e-business_suite
|
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allo…
|
CWE-269
CWE-287
CWE-306
Improper Privilege Management
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-46817
|
2026-06-4 22:45 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3022
|
4.9 |
MEDIUM
Network
|
progress
|
sitefinity
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used co…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-7313
|
2026-06-4 22:12 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3023
|
7.5 |
HIGH
Network
|
progress
|
sitefinity
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.844…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-7312
|
2026-06-4 22:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3024
|
8.1 |
HIGH
Network
|
progress
|
sitefinity
|
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.…
|
CWE-20
Improper Input Validation
|
CVE-2026-7195
|
2026-06-4 21:51 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3025
|
9.8 |
CRITICAL
Network
|
progress
|
sitefinity
|
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in f…
|
CWE-284
Improper Access Control
|
CVE-2026-7198
|
2026-06-4 21:43 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3026
|
8.8 |
HIGH
Network
|
progress
|
sitefinity
|
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authenti…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7201
|
2026-06-4 21:42 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3027
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the reply_text parameter. Attackers can pos…
|
CWE-79
Cross-site Scripting
|
CVE-2018-25384
|
2026-06-4 12:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3028
|
9.0 |
CRITICAL
Network
|
-
|
-
|
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is config…
|
CWE-78
OS Command
|
CVE-2026-4408
|
2026-06-4 09:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3029
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-2596
|
2026-06-4 08:16 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3030
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges…
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2025-22424
|
2026-06-4 07:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
