Skip to main content

Database Server

209 CVEs product

Monthly

CVE-2026-21939 HIGH This Week

Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. [CVSS 7.0 HIGH]

Oracle Database Server
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2024-21251 LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2024-21233 MEDIUM This Month

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21184 HIGH This Week

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-21174 LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Java Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.1
EPSS
0.3%
CVE-2024-21126 MEDIUM This Month

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.8
EPSS
0.5%
CVE-2024-21123 LOW Monitor

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2024-21066 MEDIUM This Month

Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass XSS Oracle Database Server
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2024-21058 MEDIUM This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2024-20995 LOW Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
2.4
EPSS
0.5%
CVE-2024-20903 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-22096 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22077 MEDIUM PATCH This Month

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2023-22075 LOW PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
2.4
EPSS
0.4%
CVE-2023-22074 LOW POC PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2023-22073 MEDIUM PATCH This Month

Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-22071 MEDIUM PATCH This Month

Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-22052 LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Java Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
3.1
EPSS
0.3%
CVE-2023-22034 MEDIUM PATCH This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2023-21949 LOW PATCH Monitor

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2023-21893 NuGet HIGH PATCH This Week

Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Microsoft Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-21606 MEDIUM PATCH This Month

Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft Oracle XSS Database Server
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2021-35576 LOW POC PATCH Monitor

Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
2.7
EPSS
1.4%
CVE-2021-2332 MEDIUM This Month

Vulnerability in the Oracle LogMiner component of Oracle Database Server. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2021-2234 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Java Database Server
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-2175 LOW POC PATCH Monitor

Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Hashicorp Authentication Bypass Database Server
NVD
CVSS 3.1
2.7
EPSS
1.7%
CVE-2021-2173 MEDIUM POC PATCH This Month

Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD GitHub
CVSS 3.1
4.1
EPSS
1.4%
CVE-2021-2000 LOW Monitor

Vulnerability in the Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
2.4
EPSS
0.8%
CVE-2021-1993 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Java Database Server Enterprise Manager Ops Center +2
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2020-2969 MEDIUM PATCH This Month

Vulnerability in the Data Pump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Oracle Information Disclosure Database Server
NVD
CVSS 3.1
6.6
EPSS
2.0%
CVE-2020-2968 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-2737 MEDIUM This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Database Server
NVD
CVSS 3.1
6.4
EPSS
1.0%
CVE-2020-2735 HIGH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-2734 LOW Monitor

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2020-1953 Maven CRITICAL PATCH Act Now

Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Commons Configuration Database Server Healthcare Foundation
NVD
CVSS 3.1
10.0
EPSS
6.7%
CVE-2020-2731 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.9
EPSS
0.4%
CVE-2020-2527 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.1
EPSS
1.0%
CVE-2020-2518 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-2517 LOW PATCH Monitor

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.3
EPSS
0.8%
CVE-2020-2516 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
2.4
EPSS
0.8%
CVE-2020-2515 MEDIUM PATCH This Month

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
0.8%
CVE-2020-2512 MEDIUM PATCH This Month

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.9
EPSS
1.5%
CVE-2020-2511 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
7.7
EPSS
1.3%
CVE-2020-2510 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Oracle Information Disclosure Database Server
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-10219 Maven MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse Jboss Data Grid Jboss Enterprise Application Platform +184
NVD GitHub
CVSS 3.1
6.1
EPSS
2.2%
CVE-2019-2956 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.7
EPSS
1.1%
CVE-2019-2955 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.9
EPSS
0.4%
CVE-2019-2954 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.9
EPSS
0.4%
CVE-2019-2940 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
2.3
EPSS
0.4%
CVE-2019-2939 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2913 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2909 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2019-2734 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2019-16942 Maven CRITICAL PATCH Act Now

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache Deserialization Jackson Databind Debian Linux Fedora +25
NVD GitHub
CVSS 3.1
9.8
EPSS
5.7%
CVE-2019-2799 HIGH PATCH This Week

Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Oracle Database Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-2776 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
7.6
EPSS
1.1%
CVE-2019-2753 MEDIUM PATCH This Month

Vulnerability in the Oracle Text component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.0
4.6
EPSS
0.9%
CVE-2019-2749 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Java Denial Of Service Oracle Database Server
NVD
CVSS 3.0
6.8
EPSS
1.1%
CVE-2019-2569 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.0).

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
4.0
EPSS
0.4%
CVE-2019-2484 MEDIUM PATCH This Month

Vulnerability in the Application Express component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-12973 MEDIUM PATCH This Month

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Openjpeg Leap Debian Linux Database Server +1
NVD GitHub
CVSS 3.1
5.5
EPSS
2.6%
CVE-2019-2582 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2019-2571 MEDIUM PATCH This Month

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
6.6
EPSS
1.1%
CVE-2019-2518 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Information Disclosure Oracle Database Server
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-2517 CRITICAL PATCH Act Now

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
9.1
EPSS
1.7%
CVE-2019-2516 HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
8.2
EPSS
0.4%
CVE-2019-2547 LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Java Denial Of Service Oracle Database Server
NVD
CVSS 3.0
3.5
EPSS
1.0%
CVE-2018-1000873 Maven MEDIUM POC PATCH This Month

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jackson Modules Java8 Clusterware Database Server Global Lifecycle Management Opatch +2
NVD GitHub
CVSS 3.1
6.5
EPSS
4.8%
CVE-2018-3259 CRITICAL PATCH Act Now

Vulnerability in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-3110 CRITICAL PATCH Act Now

A vulnerability was discovered in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
9.9
EPSS
2.5%
CVE-2018-3004 MEDIUM POC PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available.

Java Oracle Authentication Bypass Database Server
NVD
CVSS 3.0
5.3
EPSS
2.7%
CVE-2018-2939 HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.0
8.4
EPSS
0.4%
CVE-2018-10237 Maven MEDIUM PATCH This Month

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Google Java Denial Of Service Guava Openshift Container Platform +15
NVD
CVSS 3.1
5.9
EPSS
5.1%
CVE-2018-2841 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
8.5
EPSS
1.8%
CVE-2018-2680 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.0
8.3
EPSS
1.7%
CVE-2018-2575 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.

Oracle Microsoft Authentication Bypass Database Server
NVD
CVSS 3.0
2.0
EPSS
0.9%
CVE-2017-10120 LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 1.9).

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
1.9
EPSS
0.1%
CVE-2016-9843 CRITICAL Act Now

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 15.1% and no vendor patch available.

Information Disclosure Zlib Leap Opensuse Debian Linux +20
NVD GitHub
CVSS 3.1
9.8
EPSS
15.1%
CVE-2016-9842 HIGH PATCH Act Now

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.1%.

Information Disclosure Zlib Leap Opensuse Debian Linux +15
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
12.1%
CVE-2016-9841 CRITICAL Act Now

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Information Disclosure Zlib Leap Opensuse Debian Linux +35
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
13.5%
CVE-2016-9840 HIGH PATCH Act Now

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.0%.

Information Disclosure Boost Zlib Leap Opensuse +16
NVD GitHub
CVSS 3.1
8.8
EPSS
10.0%
CVE-2016-9053 CRITICAL POC Act Now

An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Database Server
NVD
CVSS 3.1
9.8
EPSS
5.4%
CVE-2016-9051 CRITICAL POC Act Now

An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE Database Server
NVD
CVSS 3.1
9.8
EPSS
3.9%
CVE-2016-9049 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Database Server
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2017-3240 LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Database Server
NVD VulDB
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-9054 CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE Database Server
NVD VulDB
CVSS 3.1
9.8
EPSS
14.8%
CVE-2016-9052 CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE Database Server
NVD VulDB
CVSS 3.1
9.8
EPSS
14.8%
CVE-2016-9050 HIGH POC This Week

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Database Server
NVD VulDB
CVSS 3.1
8.2
EPSS
0.6%
CVE-2016-5555 CRITICAL PATCH Act Now

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
9.1
EPSS
0.9%
CVE-2016-5516 MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
6.0
EPSS
0.1%
EPSS 0% CVSS 7.0
HIGH This Week

Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. [CVSS 7.0 HIGH]

Oracle Database Server
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Java Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 5.8
MEDIUM This Month

Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

Vulnerability in the RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass XSS Oracle +1
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Authentication Bypass +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 1% CVSS 2.4
LOW POC PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Denial Of Service Database Server
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Java Oracle Authentication Bypass +1
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Microsoft Oracle Authentication Bypass +1
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft Oracle XSS +1
NVD
EPSS 1% CVSS 2.7
LOW POC PATCH Monitor

Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 6.7
MEDIUM This Month

Vulnerability in the Oracle LogMiner component of Oracle Database Server. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Java +1
NVD
EPSS 2% CVSS 2.7
LOW POC PATCH Monitor

Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Hashicorp Authentication Bypass +1
NVD
EPSS 1% CVSS 4.1
MEDIUM POC PATCH This Month

Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD GitHub
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the Unified Audit component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Java +4
NVD
EPSS 2% CVSS 6.6
MEDIUM PATCH This Month

Vulnerability in the Data Pump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Oracle Information Disclosure Database Server
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Database Server
NVD
EPSS 1% CVSS 8.0
HIGH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
EPSS 7% CVSS 10.0
CRITICAL PATCH Act Now

Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Commons Configuration +2
NVD
EPSS 0% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 4.1
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 2.4
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Oracle Information Disclosure Database Server
NVD
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse +186
NVD GitHub
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 0% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 0% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 6% CVSS 9.8
CRITICAL PATCH Act Now

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache Deserialization Jackson Databind +27
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Oracle +1
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Vulnerability in the Oracle Text component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Java Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.0).

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Application Express component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Openjpeg Leap +3
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 6.6
MEDIUM PATCH This Month

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Oracle Database Server
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Java Information Disclosure Oracle +1
NVD
EPSS 2% CVSS 9.1
CRITICAL PATCH Act Now

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Portable Clusterware component of Oracle Database Server. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Java Denial Of Service Oracle +1
NVD
EPSS 5% CVSS 6.5
MEDIUM POC PATCH This Month

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Jackson Modules Java8 Clusterware +4
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Information Disclosure +1
NVD
EPSS 2% CVSS 9.9
CRITICAL PATCH Act Now

A vulnerability was discovered in the Java VM component of Oracle Database Server. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure +1
NVD
EPSS 3% CVSS 5.3
MEDIUM POC PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. Public exploit code available.

Java Oracle Authentication Bypass +1
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 5% CVSS 5.9
MEDIUM PATCH This Month

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Google Java Denial Of Service +17
NVD
EPSS 2% CVSS 8.5
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure +1
NVD
EPSS 2% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 2.0
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.

Oracle Microsoft Authentication Bypass +1
NVD
EPSS 0% CVSS 1.9
LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 1.9).

Authentication Bypass Oracle Database Server
NVD
EPSS 15% CVSS 9.8
CRITICAL Act Now

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 15.1% and no vendor patch available.

Information Disclosure Zlib Leap +22
NVD GitHub
EPSS 12% CVSS 8.8
HIGH PATCH Act Now

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 12.1%.

Information Disclosure Zlib Leap +17
NVD GitHub VulDB
EPSS 13% CVSS 9.8
CRITICAL Act Now

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.5% and no vendor patch available.

Information Disclosure Zlib Leap +37
NVD GitHub VulDB
EPSS 10% CVSS 8.8
HIGH PATCH Act Now

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.0%.

Information Disclosure Boost Zlib +18
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL POC Act Now

An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Database Server
NVD
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption RCE +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Database Server
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Information Disclosure Database Server
NVD VulDB
EPSS 15% CVSS 9.8
CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB
EPSS 15% CVSS 9.8
CRITICAL POC THREAT Emergency

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%.

Buffer Overflow Memory Corruption RCE +1
NVD VulDB
EPSS 1% CVSS 8.2
HIGH POC This Week

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD VulDB
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Information Disclosure Oracle Database Server
NVD
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy