Oracle
Monthly
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Download). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Self-Service Human Resources product of Oracle E-Business Suite (component: Workflow, Approval, Work Force Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft (component: Advising Notes). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Vulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft (component: Approval Framework). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Rated medium severity (CVSS 4.2).
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search Integration). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: LLVM Interpreter). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Application Config Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Adapters). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated medium severity (CVSS 5.2).
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.1).
Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). Rated low severity (CVSS 3.3).
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Server). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Download). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Self-Service Human Resources product of Oracle E-Business Suite (component: Workflow, Approval, Work Force Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft (component: Advising Notes). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Vulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft (component: Approval Framework). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Rated medium severity (CVSS 4.2).
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search Integration). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: LLVM Interpreter). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Application Config Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Adapters). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated medium severity (CVSS 5.2).
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware (component: Dashboard). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.1).
Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDoms). Rated low severity (CVSS 3.3).
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Server). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.