|
921
|
2.9 |
LOW
Local
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java S…
New
|
CWE-200
Information Exposure
|
CVE-2026-34268
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
922
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component: Contracts). The supported version that is affected is 9.2. Easily exploitable vulnerability allows …
New
|
CWE-200
Information Exposure
|
CVE-2026-34300
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
923
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34282
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
924
|
2.4 |
LOW
Network
|
-
|
-
|
Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Acces…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34312
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
925
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.30 and 21.3-21.21. Easily exploitable vulnerability allows unauthenticated attacke…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35229
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
926
|
5.0 |
MEDIUM
Local
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-34317
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
927
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1/shape API is vulnerable to error-based SQL injection, allowing any authenticated user to…
New
|
CWE-89
SQL Injection
|
CVE-2026-40906
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
928
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restr…
New
|
CWE-22
Path Traversal
|
CVE-2026-40923
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
929
|
5.8 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu…
New
|
CWE-200
Information Exposure
|
CVE-2026-34318
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
930
|
5.0 |
MEDIUM
Local
|
-
|
-
|
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
New
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2026-34319
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
