Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required.
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.