|
1371
|
8.8 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-46826
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1372
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Eas…
|
CWE-269
CWE-284
CWE-306
Improper Privilege Management
Improper Access Control
Missing Authentication for Critical Function
|
CVE-2026-46824
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1373
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex…
|
CWE-863
Incorrect Authorization
|
CVE-2026-46823
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1374
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
|
CWE-284
Improper Access Control
|
CVE-2026-46822
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1375
|
7.7 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
|
CWE-284
Improper Access Control
|
CVE-2026-46821
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1376
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploi…
|
CWE-284
Improper Access Control
|
CVE-2026-46819
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1377
|
7.4 |
HIGH
Network
|
-
|
-
|
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability al…
|
CWE-284
Improper Access Control
|
CVE-2026-46818
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1378
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allo…
|
CWE-269
CWE-287
CWE-306
Improper Privilege Management
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-46817
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1379
|
- |
|
-
|
-
|
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains an Insecure Direct Object Reference vulnerability in the authorization policy layer that allows any authent…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45342
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1380
|
8.6 |
HIGH
Local
|
-
|
-
|
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowli…
|
CWE-78
OS Command
|
CVE-2026-44466
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
