Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2024-20978 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20976 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-20974 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-20972 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-20970 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-20968 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.4
EPSS
0.9%
CVE-2024-20966 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2024-20964 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2024-20962 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20960 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20958 MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20956 HIGH This Week

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Agile Product Lifecycle Management For Process
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2024-20953 HIGH KEV THREAT This Week

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2024-20951 MEDIUM This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Customer Interaction History
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20949 MEDIUM This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle Customer Interaction History
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-20947 MEDIUM This Month

Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Common Applications
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20943 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20941 MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: HTML UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Oracle Installed Base
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-20939 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Admin Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-20937 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-20935 MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-20933 MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Installed Base
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20931 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
59.7%
CVE-2024-20929 MEDIUM This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: DB Privileges). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Application Object Library
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-20927 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-20925 Maven LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Jdk +1
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2024-20923 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Jdk +1
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2024-20917 HIGH This Week

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Log Management). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Denial Of Service Oracle Enterprise Manager Base Platform
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-20915 MEDIUM This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login - SSO). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Denial Of Service Oracle Application Object Library
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-20913 MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: BI Platform Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20911 LOW Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Hashicorp Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
2.6
EPSS
0.3%
CVE-2024-20909 HIGH This Week

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-20907 MEDIUM This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: File download). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Web Applications Desktop Integrator
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20905 LOW Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-20903 MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-20987 MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20985 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20983 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-20981 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20979 MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20977 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20975 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2024-20973 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20971 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20969 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-20967 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-20965 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.5%
CVE-2024-20963 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20961 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20959 MEDIUM PATCH This Month

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle Zfs Storage Appliance Kit
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-20957 LOW PATCH Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-20950 MEDIUM PATCH This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Interaction History
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20948 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20946 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-20944 MEDIUM PATCH This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Isupport
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-20942 MEDIUM PATCH This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20940 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Knowledge Management
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20938 MEDIUM PATCH This Month

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20936 MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20934 MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Installed Base
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20930 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2024-20928 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Content
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20924 HIGH PATCH This Week

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Hashicorp Information Disclosure Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-20922 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required.

Authentication Bypass Java Oracle Graalvm Jdk +4
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2024-20920 LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Solaris
NVD
CVSS 3.1
3.8
EPSS
0.2%
CVE-2024-20916 HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Rated high severity (CVSS 8.3), this vulnerability is low attack complexity.

Authentication Bypass Denial Of Service Oracle Enterprise Manager
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2024-20914 LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Zfs Storage Appliance Kit
NVD
CVSS 3.1
2.3
EPSS
0.2%
CVE-2024-20912 LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Hashicorp Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2024-20910 LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Hashicorp Information Disclosure Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
3.0
EPSS
0.3%
CVE-2024-20908 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20906 MEDIUM PATCH This Month

Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Integrated Lights Out Manager Firmware
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-20904 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.1
5.0
EPSS
0.4%
CVE-2023-41097 HIGH This Week

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.4.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Gecko Software Development Kit
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-43123 Maven MEDIUM PATCH This Month

On unix-like systems, the temporary directory is shared between all user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Apple Atlassian Java Apache +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-22130 MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Sun Zfs Storage Appliance Kit
NVD
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-22129 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-22128 LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
3.1
EPSS
0.3%
CVE-2023-22127 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Outside In Technology
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2023-22126 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Webcenter Content
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-22125 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22124 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22123 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22122 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Oracle Denial Of Service Authentication Bypass Banking Trade Finance
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-22121 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22119 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Oracle Denial Of Service Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-22118 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Universal Banking
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22117 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22115 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22114 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2023-22113 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
2.7
EPSS
0.8%
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Agile Product Lifecycle Management For Process
NVD
EPSS 3% CVSS 8.8
HIGH KEV THREAT This Week

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Customer Interaction History
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Common Applications
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: HTML UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Admin Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Customer Relationship Management Technical Foundation
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Installed Base
NVD
EPSS 60% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: DB Privileges). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Application Object Library
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle +3
NVD
EPSS 1% CVSS 3.1
LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Log Management). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login - SSO). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: BI Platform Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Business Intelligence
NVD
EPSS 0% CVSS 2.6
LOW Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Hashicorp Oracle +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Oracle +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: File download). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Web Applications Desktop Integrator
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL +1
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle Zfs Storage Appliance Kit
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Interaction History
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Isupport
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Complex Maintenance Repair And Overhaul
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Knowledge Management
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Istore
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Installed Base
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Content
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable.

Hashicorp Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 2.5
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required.

Authentication Bypass Java Oracle +6
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Solaris
NVD
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Rated high severity (CVSS 8.3), this vulnerability is low attack complexity.

Authentication Bypass Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Zfs Storage Appliance Kit
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Hashicorp Oracle +1
NVD
EPSS 0% CVSS 3.0
LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Hashicorp Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Integrated Lights Out Manager Firmware
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Business Intelligence
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.4.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Gecko Software Development Kit
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

On unix-like systems, the temporary directory is shared between all user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Apple Atlassian +4
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Oracle Denial Of Service Sun Zfs Storage Appliance Kit
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Denial Of Service Solaris
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Solaris
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Outside In Technology
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Webcenter Content
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Oracle Denial Of Service Authentication Bypass +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Banking Trade Finance
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable.

Oracle Denial Of Service Authentication Bypass +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Flexcube Universal Banking
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle +2
NVD
Prev Page 12 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy