Skip to main content
CVE-2021-2408 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Notification Configuration). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Pt Peopletools
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-2375 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-2338 MEDIUM PATCH This Month

Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM (component: Email Marketing Stand-Alone). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Siebel Marketing
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-22723 MEDIUM This Month

A CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-siteScripting) through Cross-Site Request Forgery (CSRF) vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF XSS Evlink City Evc1S22P4 Firmware Evlink City Evc1S7P4 Firmware Evlink Parking Evw2 Firmware +3
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-22706 MEDIUM This Month

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Evlink City Evc1S22P4 Firmware Evlink City Evc1S7P4 Firmware Evlink Parking Evw2 Firmware Evlink Parking Evf2 Firmware +2
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-2462 MEDIUM This Month

Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Commerce Service Center
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-2442 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2417 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
6.0
EPSS
1.7%
CVE-2021-2429 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
5.9
EPSS
41.5%
CVE-2021-2390 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Integer Overflow Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
5.9
EPSS
4.3%
CVE-2021-2389 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.9
EPSS
8.2%
CVE-2021-2368 MEDIUM This Month

Vulnerability in the Siebel CRM product of Oracle Siebel CRM (component: Siebel Core - Server Infrastructure). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Siebel Crm
NVD
CVSS 3.1
5.9
EPSS
1.5%
CVE-2021-2356 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Oncommand Insight Fedora
NVD
CVSS 3.1
5.9
EPSS
1.9%
CVE-2021-2323 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Flex-Branch). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2021-2445 MEDIUM This Month

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Infrastructure Technology
NVD
CVSS 3.1
5.7
EPSS
0.8%
CVE-2021-25701 MEDIUM This Month

The fUSBHub driver in the PCoIP Software Client prior to version 21.07.0 had an error in object management during the handling of a variety of IOCTLs, which allowed an attacker to cause a denial of. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Pcoip Client
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1102 MEDIUM PATCH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can lead to floating point exceptions, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1101 MEDIUM PATCH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it can dereference a NULL pointer, which may lead to denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-1100 MEDIUM PATCH This Month

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Nvidia Virtual Gpu
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-2373 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-2346 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Commerce Experience Manager Commerce Guided Search
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-2345 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Commerce Experience Manager Commerce Guided Search
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-22722 MEDIUM This Month

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Stored Cross-site Scripting') vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1),. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Evlink City Evc1S22P4 Firmware Evlink City Evc1S7P4 Firmware Evlink Parking Evw2 Firmware Evlink Parking Evf2 Firmware +2
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-2460 MEDIUM This Month

Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-2407 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-2403 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2021-2401 MEDIUM This Month

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle XXE Bi Publisher
NVD
CVSS 3.1
5.3
EPSS
84.8%
CVE-2021-22721 MEDIUM This Month

A CWE-200: Information Exposure vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1),. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Evlink City Evc1S22P4 Firmware Evlink City Evc1S7P4 Firmware Evlink Parking Evw2 Firmware Evlink Parking Evf2 Firmware +2
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-2457 MEDIUM This Month

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Request Management & Workflow). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Identity Manager
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-2347 MEDIUM PATCH This Month

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hyperion Infrastructure Technology
NVD
CVSS 3.1
5.2
EPSS
0.9%
CVE-2021-2385 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server Fedora Oncommand Insight +2
NVD
CVSS 3.1
5.0
EPSS
1.9%
CVE-2021-2444 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2021-2441 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-2440 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-2437 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-2427 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2021-2426 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2425 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2424 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2422 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2418 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-2412 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2410 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2402 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2399 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2021-2387 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.6%
CVE-2021-2384 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight Fedora
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2021-2383 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight Fedora
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2021-2370 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Oncommand Insight Fedora
NVD
CVSS 3.1
4.9
EPSS
2.5%
CVE-2021-2367 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Mysql Server Oncommand Insight Fedora
NVD
CVSS 3.1
4.9
EPSS
2.6%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy