|
831
|
5.0 |
MEDIUM
Local
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-34317
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
832
|
5.8 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu…
New
|
CWE-200
Information Exposure
|
CVE-2026-34318
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
833
|
5.0 |
MEDIUM
Local
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
New
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2026-34319
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
834
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Financial Services Customer Screening product of Oracle Financial Services Applications (component: User Interface). The supported version that is affected is 8.1.2.8.0.…
New
|
CWE-285
Improper Authorization
|
CVE-2026-34320
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
835
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Financial Services Transaction Filtering product of Oracle Financial Services Applications (component: User Interface). The supported version that is affected is 8.1.2.8…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35231
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
836
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in Oracle Fusion Middleware (component: Dynamic Monitoring Service). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low pr…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35232
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
837
|
5.2 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.24.0.000. Easily exploita…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35244
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
838
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: C Oracle SSL API). Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to expl…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35252
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
839
|
6.5 |
MEDIUM
Network
|
-
|
-
|
frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style request…
New
|
CWE-287
Improper Authentication
|
CVE-2026-40910
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
840
|
10.0 |
CRITICAL
Network
|
-
|
-
|
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without saniti…
New
|
CWE-94
Code Injection
|
CVE-2026-40911
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
