|
821
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily explo…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-34275
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
822
|
3.7 |
LOW
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java …
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-22018
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
823
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-22021
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
824
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component: Contracts). The supported version that is affected is 9.2. Easily exploitable vulnerability allows …
New
|
CWE-200
Information Exposure
|
CVE-2026-34300
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
825
|
2.9 |
LOW
Local
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java S…
New
|
CWE-200
Information Exposure
|
CVE-2026-34268
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
826
|
2.4 |
LOW
Network
|
-
|
-
|
Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Acces…
New
|
CWE-284
Improper Access Control
|
CVE-2026-34312
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
827
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.30 and 21.3-21.21. Easily exploitable vulnerability allows unauthenticated attacke…
New
|
CWE-284
Improper Access Control
|
CVE-2026-35229
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
828
|
7.5 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34282
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
829
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1/shape API is vulnerable to error-based SQL injection, allowing any authenticated user to…
New
|
CWE-89
SQL Injection
|
CVE-2026-40906
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
830
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, a validation bypass in the VolumeMount path restriction allows mounting volumes under restr…
New
|
CWE-22
Path Traversal
|
CVE-2026-40923
|
2026-04-23 06:24 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
