Vuldb Updates

A vulnerability, which was classified as critical, was found in Keycloak on Red Hat. This issue affects some unknown processing of the file /login-actions/restart. The manipulation results in authentication bypass by spoofing. This vulnerability is reported as CVE-2026-7507. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as critical, has been found in GitLab Community Edition and Enterprise Edition up to 18.9.6/18.10.5/18.11.2. This affects an unknown part of the component Email Notification Handler. This manipulation causes code injection. This vulnerability is registered as CVE-2025-12669. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability has been found in GitLab Community Edition and Enterprise Edition up to 18.9.6/18.10.5/18.11.2 and classified as problematic. The impacted element is an unknown function. The manipulation leads to access control check implemented after asset is accessed. This vulnerability is documented as CVE-2026-3607. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability classified as problematic was found in Qt up to 5.15.19/6.5.9/6.8.3/6.9.1. Impacted is an unknown function of the component OpenSSL TLS Backend. The manipulation results in uncontrolled search path. This vulnerability is cataloged as CVE-2025-14575. The attack must be initiated from a local position. There is no exploit available.

A vulnerability was found in Oracle Retail Customer Management and Segmentation Foundation 17.0/18.0/19.0. It has been rated as critical. This affects an unknown function of the component Security. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as critical has been discovered in Oracle Retail EFTLink 20.0.1/21.0.0. This impacts an unknown function of the component Installation. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2022-25647. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Oracle Siebel Core-Automation up to 22.8. It has been rated as critical. This vulnerability affects unknown code of the component Keyword Automation. This manipulation causes denial of service. This vulnerability is tracked as CVE-2022-25647. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability identified as critical has been detected in Oracle Siebel Core-Common Components up to 22.8. Impacted is an unknown function of the component DISA. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability marked as critical has been reported in Oracle Utilities Testing Accelerator 6.0.0.1.3/6.0.0.2.4/6.0.0.3.3. This affects an unknown part of the component Tools. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Oracle GoldenGate Stream Analytics and classified as critical. This issue affects some unknown processing of the component GoldenGate Stream Analytics. Executing a manipulation can lead to denial of service. This vulnerability is registered as CVE-2022-25647. It is possible to launch the attack remotely. No exploit is available.

A vulnerability classified as critical has been found in Oracle Communications Unified Inventory Management 7.4.0/7.4.1/7.4.2/7.5.0. This affects an unknown function of the component REST API. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-25647. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in Oracle Communications Cloud Native Core Automated Test Suite 22.2.2/22.3.1/22.4.0. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component ATS Framework. The manipulation leads to denial of service. This vulnerability is listed as CVE-2022-25647. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as critical has been discovered in Oracle Communications Cloud Native Core Binding Support Function 22.2.0. Affected by this issue is some unknown functionality of the component Install/Upgrade. The manipulation results in denial of service. This vulnerability is cataloged as CVE-2022-25647. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Oracle Communications Performance Intelligence Center (PIC) Software 10.4.0.4.1. This vulnerability affects unknown code of the component Management. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability identified as critical has been detected in Oracle Financial Services Model Management and Governance 8.0.8.0/8.1.0.0/8.1.1.0. Affected is an unknown function of the component Installer / Configuration. This manipulation causes denial of service. This vulnerability is tracked as CVE-2022-25647. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability described as critical has been identified in Oracle BI Publisher 5.9.0.0/6.4.0.0.0/12.2.1.3.0/12.2.1.4.0. This affects an unknown function of the component Security. Such manipulation leads to denial of service. This vulnerability is listed as CVE-2022-25647. The attack may be performed from remote. There is no available exploit.

A vulnerability has been found in Oracle Data Integrator 12.2.1.4.0 and classified as critical. This affects an unknown part of the component Runtime Java agent for ODI. This manipulation causes denial of service. This vulnerability appears as CVE-2022-25647. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in Oracle Middleware Common Libraries and Tools 12.2.1.3.0/12.2.1.4.0. It has been classified as critical. This issue affects some unknown processing of the component Thirdparty Patch. Performing a manipulation results in denial of service. This vulnerability is known as CVE-2022-25647. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability labeled as critical has been found in Oracle Healthcare Data Repository 8.1.1/8.1.2/8.1.3. This issue affects some unknown processing of the component Install. The manipulation results in denial of service. This vulnerability was named CVE-2022-25647. The attack may be performed from remote. There is no available exploit.

A vulnerability marked as critical has been reported in Oracle Healthcare Master Person Index up to 5.0.3. Impacted is an unknown function of the component Master Index. This manipulation causes denial of service. The identification of this vulnerability is CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.