Database Server
Monthly
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. [CVSS 7.0 HIGH]
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Oracle LogMiner component of Oracle Database Server. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Data Pump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Text component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.0).
Vulnerability in the Application Express component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability was discovered in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.
Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 1.9).
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 15.1% and no vendor patch available.
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.1%.
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.0%.
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.
An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. [CVSS 7.0 HIGH]
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Oracle LogMiner component of Oracle Database Server. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Vulnerability in the Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Data Pump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Text component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.0).
Vulnerability in the Application Express component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability was discovered in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.
Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 1.9).
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 15.1% and no vendor patch available.
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.1%.
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.0%.
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.
An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.