|
2971
|
8.8 |
HIGH
Network
|
oracle
|
e-business_suite
|
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-46826
|
2026-06-4 02:43 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2972
|
8.8 |
HIGH
Network
|
oracle
|
e-business_suite
|
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability al…
|
CWE-269
CWE-284
CWE-287
CWE-306
Improper Privilege Management
Improper Access Control
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-46827
|
2026-06-4 02:43 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2973
|
8.1 |
HIGH
Network
|
oracle
|
e-business_suite
|
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
|
CWE-284
Improper Access Control
|
CVE-2026-46828
|
2026-06-4 02:42 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2974
|
7.5 |
HIGH
Network
|
oracle
|
rest_data_services
|
Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-46829
|
2026-06-4 02:41 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2975
|
6.5 |
MEDIUM
Network
|
nextcloud
|
approval
|
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to f…
|
CWE-285
Improper Authorization
|
CVE-2026-45275
|
2026-06-4 02:39 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2976
|
9.1 |
CRITICAL
Network
|
oracle
|
e-business_suite
|
Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploi…
|
CWE-284
Improper Access Control
|
CVE-2026-46819
|
2026-06-4 02:37 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2977
|
3.3 |
LOW
Local
|
nextcloud
|
approval
|
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can req…
|
CWE-200
NVD-CWE-noinfo
Information Exposure
|
CVE-2026-45277
|
2026-06-4 02:36 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2978
|
6.1 |
MEDIUM
Network
|
nextcloud
|
user_oidc
|
Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses …
|
CWE-601
Open Redirect
|
CVE-2026-45278
|
2026-06-4 02:34 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2979
|
7.5 |
HIGH
Network
|
mosaic5g
|
flexric
|
FlexRIC v2.0.0 crashes when the iApp receives an E42_RIC_SUBSCRIPTION_REQUEST referencing a non-existent E2 Node. The lookup function returns NULL, which is enforced by assert() in Debug builds (SIGA…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-37226
|
2026-06-4 02:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2980
|
7.5 |
HIGH
Network
|
mosaic5g
|
flexric
|
FlexRIC v2.0.0 contains a reachable assertion in e2ap_recv_sctp_msg() (src/lib/ep/e2ap_ep.c). The function allocates a fixed 32KB receive buffer and enforces assert(rc < len) on the sctp_recvmsg() re…
|
CWE-617
Reachable Assertion
|
CVE-2026-37228
|
2026-06-4 02:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
