Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2021-2177 CRITICAL PATCH Act Now

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Gateway). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Secure Global Desktop
NVD
CVSS 3.1
10.0
EPSS
2.5%
CVE-2021-2175 LOW POC PATCH Monitor

Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Hashicorp Authentication Bypass Database Server
NVD
CVSS 3.1
2.7
EPSS
1.7%
CVE-2021-2174 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.4
EPSS
1.9%
CVE-2021-2173 MEDIUM POC PATCH This Month

Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD GitHub
CVSS 3.1
4.1
EPSS
1.4%
CVE-2021-2172 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2021-2171 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.4
EPSS
1.8%
CVE-2021-2170 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2169 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2167 HIGH PATCH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Oracle Information Disclosure Solaris
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-2166 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
4.6%
CVE-2021-2164 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2021-2163 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Java Jdk Jre +9
NVD
CVSS 3.1
5.3
EPSS
3.6%
CVE-2021-2162 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-2161 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Java Jdk Jre +10
NVD
CVSS 3.1
5.9
EPSS
3.1%
CVE-2021-2160 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2021-2159 LOW PATCH Monitor

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Frameworks). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Campus Software Campus Community
NVD
CVSS 3.1
3.5
EPSS
0.7%
CVE-2021-2158 LOW PATCH Monitor

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Task Automation). Rated low severity (CVSS 3.9), this vulnerability is remotely exploitable.

Denial Of Service Oracle Hyperion Financial Management
NVD
CVSS 3.1
3.9
EPSS
0.6%
CVE-2021-2157 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: TopLink Integration). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2021-2156 HIGH PATCH This Week

Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite (component: Customer Tab). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Customers Online
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2021-2155 MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-2154 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL MariaDB Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.5%
CVE-2021-2153 MEDIUM PATCH This Month

Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Internet Expenses
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-2152 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
4.0
EPSS
0.5%
CVE-2021-2151 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2021-2150 HIGH PATCH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.2
EPSS
0.9%
CVE-2021-2149 LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.5).

Oracle Authentication Bypass Zfs Storage Appliance
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2021-2147 LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). Rated low severity (CVSS 1.8).

Oracle Authentication Bypass Zfs Storage Appliance
NVD
CVSS 3.1
1.8
EPSS
0.3%
CVE-2021-2146 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2021-2145 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-2144 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2021-2142 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-2141 LOW PATCH Monitor

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.1
2.0
EPSS
0.6%
CVE-2021-2140 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Rules Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-2136 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-2135 CRITICAL POC PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
8.4%
CVE-2021-2134 MEDIUM PATCH This Month

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Enterprise Manager
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-2053 MEDIUM POC PATCH This Month

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: UI Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Enterprise Manager Base Platform
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2021-2008 HIGH PATCH This Week

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Enterprise Manager
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2021-29446 npm MEDIUM PATCH This Month

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure Jose Node Cjs Runtime
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-29445 npm MEDIUM PATCH This Month

jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure Jose Node Cjs Runtime
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-29444 npm MEDIUM PATCH This Month

jose-browser-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure Jose Node Cjs Runtime
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-29443 npm MEDIUM PATCH This Month

jose is an npm library providing a number of cryptographic operations. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Node.js Oracle Microsoft Jose
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-27928 HIGH POC THREAT This Week

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Oracle Code Injection MariaDB Percona Server +2
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
38.2%
CVE-2021-2138 MEDIUM This Month

Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Cloud Infrastructure Data Science
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-20949 MEDIUM This Month

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Stm32Cubef0 Stm32Cubef1 Stm32Cubef2 +18
NVD VulDB
CVSS 3.1
5.9
EPSS
0.9%
CVE-2021-2131 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2021-2130 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2021-2129 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
7.9
EPSS
0.5%
CVE-2021-2128 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-2127 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2021-2126 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2125 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
4.6
EPSS
0.5%
CVE-2021-2124 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2123 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
3.2
EPSS
0.5%
CVE-2021-2122 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Oncommand Insight Oncommand Workflow Automation +1
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2021-2121 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2120 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2021-2119 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
1.0%
CVE-2021-2118 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2117 MEDIUM This Month

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express Survey Builder
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-2116 MEDIUM This Month

Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express Opportunity Tracker
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2021-2115 HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications Calendar
NVD
CVSS 3.1
7.6
EPSS
0.9%
CVE-2021-2114 HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Applications Calendar). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications Calendar
NVD
CVSS 3.1
8.2
EPSS
59.3%
CVE-2021-2113 MEDIUM This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: On Demand Billing). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Revenue Management And Billing
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-2112 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2111 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2021-2110 MEDIUM This Month

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications (component: Letters). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Argus Safety
NVD
CVSS 3.1
5.0
EPSS
0.9%
CVE-2021-2109 HIGH POC THREAT This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
70.2%
CVE-2021-2108 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2021-2107 HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2106 HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2105 HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2104 HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2021-2103 HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2021-2102 HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2021-2101 CRITICAL Act Now

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2021-2100 CRITICAL Act Now

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2021-2099 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2098 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2097 HIGH This Week

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Profile). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Isupport
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2096 HIGH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2094 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2093 HIGH This Week

Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2092 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2091 HIGH This Week

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Scripting
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2090 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2089 HIGH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Runtime Catalog). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2021-2088 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Oncommand Insight Oncommand Workflow Automation +1
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2021-2087 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Oncommand Insight Oncommand Workflow Automation +1
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2021-2086 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
EPSS 2% CVSS 10.0
CRITICAL PATCH Act Now

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Gateway). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Secure Global Desktop
NVD
EPSS 2% CVSS 2.7
LOW POC PATCH Monitor

Vulnerability in the Database Vault component of Oracle Database Server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Hashicorp Authentication Bypass +1
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 4.1
MEDIUM POC PATCH This Month

Vulnerability in the Recovery component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database Server
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Oracle Information Disclosure Solaris
NVD
EPSS 5% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 4% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Java +11
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL +4
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Java +12
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Frameworks). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Campus Software Campus Community
NVD
EPSS 1% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Task Automation). Rated low severity (CVSS 3.9), this vulnerability is remotely exploitable.

Denial Of Service Oracle Hyperion Financial Management
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: TopLink Integration). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite (component: Customer Tab). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Customers Online
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Internet Expenses
NVD
EPSS 1% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Business Intelligence
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Istore
NVD
EPSS 0% CVSS 2.5
LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.5).

Oracle Authentication Bypass Zfs Storage Appliance
NVD
EPSS 0% CVSS 1.8
LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). Rated low severity (CVSS 1.8).

Oracle Authentication Bypass Zfs Storage Appliance
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL +5
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 1% CVSS 2.0
LOW PATCH Monitor

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Rules Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 8% CVSS 9.8
CRITICAL POC PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Enterprise Manager
NVD
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: UI Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Enterprise Manager Base Platform
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Enterprise Manager
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

jose-browser-runtime is an npm package which provides a number of cryptographic functions. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Node.js Oracle Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

jose is an npm library providing a number of cryptographic operations. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Node.js Oracle +2
NVD GitHub VulDB
EPSS 38% CVSS 7.2
HIGH POC THREAT This Week

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Oracle Code Injection +4
NVD Exploit-DB
EPSS 0% CVSS 4.6
MEDIUM This Month

Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Cloud Infrastructure Data Science
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Stm32Cubef0 +20
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 7.9
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 3.2
LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +3
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express Survey Builder
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express Opportunity Tracker
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications Calendar
NVD
EPSS 59% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Applications Calendar). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications Calendar
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: On Demand Billing). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Revenue Management And Billing
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications (component: Letters). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Argus Safety
NVD
EPSS 70% CVSS 7.2
HIGH POC THREAT This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD Exploit-DB
EPSS 4% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Interaction History
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Complex Maintenance Repair And Overhaul
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Profile). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Isupport
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Istore
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Common Applications
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Scripting
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Runtime Catalog). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Istore
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +3
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
Prev Page 23 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy