Aggregator

CVE-2022-25647 | Oracle BI Publisher 5.9.0.0/6.4.0.0.0/12.2.1.3.0/12.2.1.4.0 Security denial of service (Nessus ID 235116)

Vuldb Updates
3 weeks 5 days ago
A vulnerability described as critical has been identified in Oracle BI Publisher 5.9.0.0/6.4.0.0.0/12.2.1.3.0/12.2.1.4.0. This affects an unknown function of the component Security. Such manipulation leads to denial of service. This vulnerability is listed as CVE-2022-25647. The attack may be performed from remote. There is no available exploit.
vuldb.com

CVE-2022-25647 | Oracle Middleware Common Libraries and Tools 12.2.1.3.0/12.2.1.4.0 Thirdparty Patch denial of service (Nessus ID 235116)

Vuldb Updates
3 weeks 5 days ago
A vulnerability was found in Oracle Middleware Common Libraries and Tools 12.2.1.3.0/12.2.1.4.0. It has been classified as critical. This issue affects some unknown processing of the component Thirdparty Patch. Performing a manipulation results in denial of service. This vulnerability is known as CVE-2022-25647. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

CVE-2022-25647 | Oracle Healthcare Master Person Index up to 5.0.3 Master Index denial of service (Nessus ID 235116)

Vuldb Updates
3 weeks 5 days ago
A vulnerability marked as critical has been reported in Oracle Healthcare Master Person Index up to 5.0.3. Impacted is an unknown function of the component Master Index. This manipulation causes denial of service. The identification of this vulnerability is CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2022-25647 | Oracle Documaker Enterprise Edition 12.6/12.7 Development Tools denial of service (Nessus ID 235116)

Vuldb Updates
3 weeks 5 days ago
A vulnerability was found in Oracle Documaker Enterprise Edition 12.6/12.7. It has been classified as critical. This affects an unknown part of the component Development Tools. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2022-25647. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2022-25647 | Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59/8.60 Elastic Search denial of service (Nessus ID 235116)

Vuldb Updates
3 weeks 5 days ago
A vulnerability marked as critical has been reported in Oracle PeopleSoft Enterprise PeopleTools 8.58/8.59/8.60. This impacts an unknown function of the component Elastic Search. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog

Cyber Security News
3 weeks 5 days ago

 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation and urging organizations to remediate immediately. The flaw affects Langflow, a popular tool used for building and deploying AI-driven workflows. The issue stems from an origin validation error […]

The post CISA adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog appeared first on Cyber Security News.

Abinaya

Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs

Cyber Security News
3 weeks 5 days ago

A newly disclosed issue with Google Cloud API keys reveals that deleted credentials may remain usable for up to 23 minutes, exposing projects to potential abuse even after revocation. The finding raises concerns about delayed credential invalidation across Google’s infrastructure, particularly for sensitive services such as Gemini, BigQuery, and Google Maps APIs. According to Aikido […]

The post Deleted Google API Keys Continue Accessing Gemini, BigQuery, and Maps APIs appeared first on Cyber Security News.

Abinaya

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Krebs on Security
3 weeks 5 days ago
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.
BrianKrebs

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

The Hackers News
3 weeks 5 days ago
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in the country. The activity, per the Computer Emergency Response Team of Ukraine (CERT-UA), involves sending phishing emails to government entities using compromised accounts. It's been
The Hacker News

CVE-2022-34363 | Dell Unisphere 360 prior 10.0.0.2 VMAX Application improper authorization (EUVD-2022-37318)

VulDB Recent Entries
3 weeks 5 days ago
A vulnerability categorized as critical has been discovered in Dell Unisphere for PowerMax, Unisphere for PowerMax Virtual Appliance and Unisphere 360. This issue affects some unknown processing of the component VMAX Application. The manipulation results in improper authorization. This vulnerability is identified as CVE-2022-34363. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-9249 | Devolutions Server up to 2025.3.20.0/2026.1.16.0 unverified password change (DEVO-2026-0013 / EUVD-2026-31457)

VulDB Recent Entries
3 weeks 5 days ago
A vulnerability was found in Devolutions Server up to 2025.3.20.0/2026.1.16.0. It has been rated as problematic. This vulnerability affects unknown code. The manipulation leads to unverified password change. This vulnerability is referenced as CVE-2026-9249. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

Managed ad