Skip to main content

Database

51 CVEs product

Monthly

CVE-2023-21934 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Authentication Bypass Database
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2023-21829 MEDIUM PATCH This Month

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2023-21827 MEDIUM PATCH This Month

Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-21596 HIGH PATCH This Week

Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2022-21498 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle Database
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-21411 MEDIUM This Month

Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-21410 HIGH This Week

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Database
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-35558 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-35557 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-35551 MEDIUM PATCH This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-2337 HIGH PATCH This Week

Vulnerability in the Oracle XML DB component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Database
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2021-2336 LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
3.5
EPSS
0.6%
CVE-2021-2335 LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
3.5
EPSS
0.6%
CVE-2021-2334 LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
3.5
EPSS
0.7%
CVE-2021-2245 LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2021-2207 LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
2.3
EPSS
0.6%
CVE-2021-25329 Maven HIGH PATCH This Week

The fix for CVE-2020-9484 was incomplete. Rated high severity (CVSS 7.0).

Tomcat Apache Information Disclosure Debian Linux Agile Plm +9
NVD
CVSS 3.1
7.0
EPSS
9.5%
CVE-2021-25122 Maven HIGH PATCH This Week

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Tomcat Apache Information Disclosure Debian Linux Agile Plm +9
NVD
CVSS 3.1
7.5
EPSS
18.1%
CVE-2020-5360 HIGH PATCH This Week

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dell Bsafe Micro Edition Suite Database Http Server +2
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-5359 MEDIUM PATCH This Month

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Bsafe Micro Edition Suite Database Weblogic Server Proxy Plug In
NVD
CVSS 3.1
5.8
EPSS
1.3%
CVE-2020-14901 MEDIUM This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
4.9
EPSS
1.5%
CVE-2020-2242 Maven MEDIUM PATCH This Month

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Database
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-2241 Maven HIGH PATCH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Database
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-2240 Maven HIGH PATCH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Database
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-2978 MEDIUM POC PATCH This Month

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
4.1
EPSS
1.2%
CVE-2020-9484 Maven HIGH POC PATCH THREAT This Week

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server;. Rated high severity (CVSS 7.0). This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache RCE Deserialization Tomcat Debian Linux +24
NVD
CVSS 3.1
7.0
EPSS
56.6%
CVE-2019-3740 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +14
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2019-3739 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +12
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-3738 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Threat Intelligence Exchange Server +12
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2019-2619 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2444 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2406 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
7.2
EPSS
1.7%
CVE-2018-1288 Maven MEDIUM PATCH This Month

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Kafka Jboss Middleware Text Only Advisories Database +2
NVD
CVSS 3.1
5.4
EPSS
4.8%
CVE-2017-10321 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Oracle Database
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-10292 LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Database
NVD
CVSS 3.0
2.3
EPSS
0.1%
CVE-2017-10261 MEDIUM PATCH This Month

Vulnerability in the XML Database component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Microsoft Authentication Bypass Information Disclosure Database
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-10190 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Java Oracle Database
NVD
CVSS 3.0
8.2
EPSS
0.1%
CVE-2017-10202 CRITICAL PATCH Act Now

Vulnerability in the OJVM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Oracle Database
NVD
CVSS 3.0
9.9
EPSS
2.1%
CVE-2017-3567 MEDIUM This Month

Vulnerability in the OJVM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Database
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2017-3310 CRITICAL PATCH Act Now

Vulnerability in the OJVM component of Oracle Database Server. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD VulDB
CVSS 3.0
9.0
EPSS
0.6%
CVE-2016-5572 MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Privilege Escalation Oracle Database
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-5497 MEDIUM PATCH This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Oracle Authentication Bypass Database
NVD
CVSS 3.0
6.4
EPSS
0.1%
CVE-2016-3609 CRITICAL PATCH Act Now

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
9.0
EPSS
1.4%
CVE-2016-3489 MEDIUM PATCH This Month

Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2016-3488 MEDIUM PATCH This Month

Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
4.4
EPSS
0.1%
CVE-2016-3484 LOW PATCH Monitor

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity.

Hashicorp Information Disclosure Oracle Database
NVD
CVSS 3.0
3.4
EPSS
0.1%
CVE-2016-3479 HIGH PATCH This Week

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Database
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2016-3454 CRITICAL Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle Database
NVD
CVSS 3.0
9.0
EPSS
1.2%
CVE-2016-0691 LOW Monitor

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Database
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-0690 LOW Monitor

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Database
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-0677 MEDIUM This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Database
NVD
CVSS 3.0
5.9
EPSS
1.0%
EPSS 1% CVSS 6.8
MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Authentication Bypass +1
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Database
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Oracle XML DB component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Database
NVD
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Oracle Authentication Bypass Database
NVD
EPSS 9% CVSS 7.0
HIGH PATCH This Week

The fix for CVE-2020-9484 was incomplete. Rated high severity (CVSS 7.0).

Tomcat Apache Information Disclosure +11
NVD
EPSS 18% CVSS 7.5
HIGH PATCH This Week

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Tomcat Apache Information Disclosure +11
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Dell Bsafe Micro Edition Suite +4
NVD
EPSS 1% CVSS 5.8
MEDIUM PATCH This Month

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Dell Information Disclosure Bsafe Micro Edition Suite +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Database
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Database
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Database
NVD
EPSS 1% CVSS 4.1
MEDIUM POC PATCH This Month

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database
NVD
EPSS 57% CVSS 7.0
HIGH POC PATCH THREAT This Week

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server;. Rated high severity (CVSS 7.0). This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache RCE Deserialization +26
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +16
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 5% CVSS 5.4
MEDIUM PATCH This Month

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Kafka +4
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Database
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the XML Database component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Microsoft Authentication Bypass +2
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Java Oracle +1
NVD
EPSS 2% CVSS 9.9
CRITICAL PATCH Act Now

Vulnerability in the OJVM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the OJVM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Database
NVD
EPSS 1% CVSS 9.0
CRITICAL PATCH Act Now

Vulnerability in the OJVM component of Oracle Database Server. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Privilege Escalation Oracle Database
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.4).

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 9.0
CRITICAL PATCH Act Now

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 0% CVSS 3.4
LOW PATCH Monitor

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity.

Hashicorp Information Disclosure Oracle +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Database
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java Oracle +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Database
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Database
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Database
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy