Skip to main content
CVE-2024-21027 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21025 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21024 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21023 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21022 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21021 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21020 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-21019 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21018 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-21017 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-21016 MEDIUM This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-32634 MEDIUM This Month

In huge memory get unmapped area check, code can never be reached because of a logical contradiction. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Asr3603 Firmware Asr1607 Firmware Asr1803Sc Firmware Asr3602 Firmware +9
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-21109 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2024-3859 MEDIUM This Month

On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Information Disclosure Mozilla Firefox Thunderbird +1
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2024-21084 MEDIUM This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-32625 MEDIUM This Month

In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Asr1806 Firmware Asr1803 Firmware Asr1606 Firmware Asr1603 Firmware +9
NVD
CVSS 3.1
5.8
EPSS
0.4%
CVE-2024-21015 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-3367 MEDIUM This Month

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Checkmk
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-21070 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Search Framework). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-21064 MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Answers). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-21001 MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: BI Platform Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-21120 MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-21119 MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-21118 MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-21117 MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-21093 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Java Virtual Machine
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-20994 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2024-20991 MEDIUM This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Http Server
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-20990 MEDIUM This Month

Vulnerability in the Oracle Applications Technology product of Oracle E-Business Suite (component: Templates). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Applications Technology Stack
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-3862 MEDIUM This Month

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mozilla Firefox
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-31451 MEDIUM This Month

DocsGPT is a GPT-powered chat for documentation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-21102 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-21097 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2024-21087 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21069 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2024-21062 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2024-21061 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21060 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21058 MEDIUM This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2024-21057 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21056 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +1
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21055 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Bluexp +3
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21054 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Oracle Mysql Server Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21053 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Oracle Mysql Server Active Iq Unified Manager +2
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21052 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +1
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21051 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +1
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21050 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +1
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21049 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +1
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21047 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21009 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy