Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2023-22112 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22111 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22110 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22109 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Dashboards). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2023-22108 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-22107 MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: UI Components). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Enterprise Command Center Framework
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-22106 MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: API). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Enterprise Command Center Framework
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-22105 MEDIUM PATCH This Month

Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Bi Publisher
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22104 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22103 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2023-22102 Maven HIGH PATCH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Mysql Connector J Oncommand Insight
NVD
CVSS 3.1
8.3
EPSS
0.9%
CVE-2023-22101 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2023-22100 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
7.9
EPSS
0.4%
CVE-2023-22099 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Vm Virtualbox
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2023-22098 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2023-22097 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22096 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22095 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-22094 HIGH PATCH This Week

Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Oracle Denial Of Service Mysql Installer
NVD
CVSS 3.1
7.9
EPSS
0.3%
CVE-2023-22093 MEDIUM PATCH This Month

Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Requisition and Vacancy). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-22092 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22091 MEDIUM PATCH This Month

Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Graalvm For Jdk
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-22090 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Events & Notifications). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Cost Center Common Application Objects
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-22089 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-22088 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: User Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Communications Order And Service Management
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22087 HIGH PATCH This Week

Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Hospitality Opera 5 Property Services
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-22086 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-22085 HIGH PATCH This Week

Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Hospitality Opera 5 Property Services
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-22084 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight Fedora +1
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2023-22083 MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Enterprise Session Border Controller
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-22082 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22081 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service Graalvm For Jdk Jdk +3
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2023-22080 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-22079 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2023-22078 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22077 MEDIUM PATCH This Month

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2023-22076 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-22075 LOW PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
2.4
EPSS
0.4%
CVE-2023-22074 LOW POC PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2023-22073 MEDIUM PATCH This Month

Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-22072 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-22071 MEDIUM PATCH This Month

Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-22070 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22069 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-22068 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22067 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Oracle Authentication Bypass Jdk Jre +2
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2023-22066 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22065 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22064 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22059 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-22032 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22029 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Commerce Guided Search
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-22028 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22026 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-22025 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Graalvm For Jdk Jdk +3
NVD
CVSS 3.1
3.7
EPSS
0.9%
CVE-2023-22019 HIGH PATCH This Week

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Oracle Http Server
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-22015 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2023-5561 MEDIUM POC This Month

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle WordPress Information Disclosure
NVD WPScan
CVSS 3.1
5.3
EPSS
3.9%
CVE-2023-3440 HIGH This Week

Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Microsoft IBM Jp1 Performance Management
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-42503 Maven MEDIUM PATCH This Month

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.22 before 1.24.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Atlassian Java Apache +1
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-40571 CRITICAL Act Now

weblogic-framework is a tool for detecting weblogic vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Oracle Deserialization Weblogic Framework
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-40033 PHP HIGH PATCH This Week

Flarum is an open source forum software. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Oracle Flarum
NVD GitHub
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-22062 HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Authentication Bypass Hyperion
NVD
CVSS 3.1
8.5
EPSS
0.5%
CVE-2023-22061 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Visual Analyzer). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22060 HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Workspace product of Oracle Hyperion (component: UI and Visualization). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Authentication Bypass Hyperion Workspace
NVD
CVSS 3.1
7.6
EPSS
0.5%
CVE-2023-22058 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.4
EPSS
1.5%
CVE-2023-22057 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.2%
CVE-2023-22056 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.6%
CVE-2023-22055 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-22054 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.2%
CVE-2023-22053 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2023-22052 LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Java Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
3.1
EPSS
0.3%
CVE-2023-22051 LOW PATCH Monitor

Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: GraalVM Compiler). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Graalvm Graalvm For Jdk
NVD
CVSS 3.1
3.7
EPSS
0.4%
CVE-2023-22050 MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Orchestrator
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22049 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Debian Linux Graalvm +8
NVD
CVSS 3.1
3.7
EPSS
1.3%
CVE-2023-22048 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
3.1
EPSS
0.8%
CVE-2023-22047 HIGH POC PATCH THREAT This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Peoplesoft Enterprise
NVD
CVSS 3.1
7.5
EPSS
74.5%
CVE-2023-22046 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2023-22045 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Graalvm Graalvm For Jdk +8
NVD
CVSS 3.1
3.7
EPSS
1.2%
CVE-2023-22044 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Graalvm Graalvm For Jdk +3
NVD
CVSS 3.1
3.7
EPSS
1.1%
CVE-2023-22043 MEDIUM PATCH This Month

Vulnerability in Oracle Java SE (component: JavaFX). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2023-22042 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-22041 MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required.

Java Oracle Authentication Bypass Graalvm Graalvm For Jdk +8
NVD
CVSS 3.1
5.1
EPSS
0.5%
CVE-2023-22040 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Weblogic Server
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-22039 MEDIUM PATCH This Month

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: WebClient). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Agile Plm
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22038 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Mysql Server Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
2.7
EPSS
0.8%
CVE-2023-22037 MEDIUM PATCH This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: MS Excel Specific). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Web Applications Desktop Integrator
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-22036 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service Graalvm Graalvm For Jdk +8
NVD
CVSS 3.1
3.7
EPSS
1.1%
CVE-2023-22035 MEDIUM PATCH This Month

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Oracle XSS E Business Suite
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-22034 MEDIUM PATCH This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
4.9
EPSS
0.4%
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Dashboards). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: UI Components). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Enterprise Command Center Framework
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: API). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Enterprise Command Center Framework
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Bi Publisher
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Mysql Connector J +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 0% CVSS 7.9
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Oracle Information Disclosure Vm Virtualbox
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Authentication Bypass +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 0% CVSS 7.9
HIGH PATCH This Week

Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Oracle Denial Of Service Mysql Installer
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Requisition and Vacancy). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Events & Notifications). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Cost Center Common Application Objects
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: User Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Communications Order And Service Management
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Hospitality Opera 5 Property Services
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Oracle +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Hospitality Opera 5 Property Services
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +3
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Enterprise Session Border Controller
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Denial Of Service +5
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass E Business Suite
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 1% CVSS 2.4
LOW POC PATCH Monitor

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Denial Of Service Database Server
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Notification Server component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the PL/SQL component of Oracle Database Server. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Database Server
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Oracle Authentication Bypass +4
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Commerce Guided Search
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service MySQL +1
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +5
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Oracle +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service MySQL +1
NVD
EPSS 4% CVSS 5.3
MEDIUM POC This Month

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle WordPress Information Disclosure
NVD WPScan
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Microsoft +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.22 before 1.24.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Atlassian +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

weblogic-framework is a tool for detecting weblogic vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Oracle Deserialization +1
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Flarum is an open source forum software. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Oracle Flarum
NVD GitHub
EPSS 1% CVSS 8.5
HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Authentication Bypass +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Visual Analyzer). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Workspace product of Oracle Hyperion (component: UI and Visualization). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Authentication Bypass +1
NVD
EPSS 1% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Tools
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Java Oracle Authentication Bypass +1
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: GraalVM Compiler). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +2
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Jd Edwards Enterpriseone Orchestrator
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +10
NVD
EPSS 1% CVSS 3.1
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Mysql Server +5
NVD
EPSS 74% CVSS 7.5
HIGH POC PATCH THREAT This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Oracle Authentication Bypass Peoplesoft Enterprise
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +10
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +5
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in Oracle Java SE (component: JavaFX). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +2
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required.

Java Oracle Authentication Bypass +10
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Weblogic Server
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: WebClient). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Agile Plm
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Mysql Server +5
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: MS Excel Specific). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Web Applications Desktop Integrator
NVD
EPSS 1% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Denial Of Service +10
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Oracle XSS E Business Suite
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Unified Audit component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Database Server
NVD
Prev Page 13 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy