Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2020-20950 MEDIUM This Month

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Public Key Cryptography Standards 1 Microchip Libraries For Applications
NVD VulDB
CVSS 3.1
5.9
EPSS
0.9%
CVE-2020-35728 Maven HIGH PATCH Act Now

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 41.1%.

Apache Oracle Deserialization Jackson Databind Debian Linux +38
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
41.1%
CVE-2020-14874 MEDIUM This Month

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Cloud Infrastructure Identity And Access Management
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2020-14750 CRITICAL POC KEV PATCH THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Information Disclosure Weblogic Server
NVD GitHub
CVSS 3.1
9.8
EPSS
99.3%
CVE-2020-3585 LOW PATCH Monitor

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Cisco Microsoft Information Disclosure Firepower Threat Defense +1
NVD
CVSS 3.1
3.7
EPSS
1.2%
CVE-2020-14901 MEDIUM This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
4.9
EPSS
1.5%
CVE-2020-14900 MEDIUM This Month

Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-14899 MEDIUM This Month

Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-14898 MEDIUM This Month

Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-14897 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14896 MEDIUM This Month

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14895 MEDIUM This Month

Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Utilities Framework
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-14894 MEDIUM This Month

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14893 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-14892 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-14891 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14890 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2020-14889 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2020-14888 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14887 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14886 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14885 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14884 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14883 HIGH POC KEV THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD GitHub
CVSS 3.1
7.2
EPSS
97.9%
CVE-2020-14882 CRITICAL POC KEV THREAT Emergency

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
100.0%
CVE-2020-14881 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14880 HIGH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
8.5
EPSS
1.3%
CVE-2020-14879 HIGH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
8.5
EPSS
1.3%
CVE-2020-14878 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL
NVD
CVSS 3.1
8.0
EPSS
1.2%
CVE-2020-14877 MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Opera 5 Property Services
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14876 CRITICAL Act Now

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
9.1
EPSS
2.8%
CVE-2020-14875 CRITICAL Act Now

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
9.1
EPSS
2.2%
CVE-2020-14873 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.4
EPSS
2.3%
CVE-2020-14872 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-14871 CRITICAL POC KEV PATCH THREAT Act Now

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Oracle Memory Corruption Solaris
NVD Exploit-DB
CVSS 3.1
10.0
EPSS
80.3%
CVE-2020-14870 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14869 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14868 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-14867 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.4
EPSS
1.9%
CVE-2020-14866 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14865 HIGH This Week

Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection product of Oracle PeopleSoft (component: eSupplier Connection). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Esupplier Connection
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2020-14864 HIGH POC KEV THREAT This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Path Traversal Business Intelligence
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
97.2%
CVE-2020-14863 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2020-14862 HIGH This Week

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Internal Operations). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Universal Work Queue
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-14861 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14860 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
2.7
EPSS
1.3%
CVE-2020-14859 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2020-14858 MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Opera 5 Property Services
NVD
CVSS 3.1
6.8
EPSS
1.4%
CVE-2020-14857 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14856 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2020-14855 CRITICAL Act Now

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Universal Work Queue
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-14854 MEDIUM This Month

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI and Visualization). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Infrastructure Technology
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-14853 MEDIUM This Month

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Cluster Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.6
EPSS
0.9%
CVE-2020-14852 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-14851 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2020-14850 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Flex Fields). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2020-14849 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14848 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14847 LOW Monitor

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
2.7
EPSS
1.0%
CVE-2020-14846 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14845 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14844 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14843 HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Business Intelligence
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-14842 HIGH PATCH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-14841 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
52.0%
CVE-2020-14840 MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Application Object Library
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-14839 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14838 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2020-14837 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14836 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14835 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14834 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14833 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14832 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14831 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14830 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14829 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-14828 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2020-14827 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-14826 MEDIUM This Month

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: SQL Extensions). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Manager
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-14825 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
30.1%
CVE-2020-14824 HIGH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
8.6
EPSS
1.8%
CVE-2020-14823 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-14822 MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Installed Base
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-14821 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14820 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
4.4%
CVE-2020-14819 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14818 LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
3.0
EPSS
0.7%
CVE-2020-14817 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14816 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
EPSS 1% CVSS 5.9
MEDIUM This Month

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Public Key Cryptography Standards 1 +1
NVD VulDB
EPSS 41% CVSS 8.1
HIGH PATCH Act Now

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 41.1%.

Apache Oracle Deserialization +40
NVD GitHub VulDB
EPSS 1% CVSS 4.7
MEDIUM This Month

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Cloud Infrastructure Identity And Access Management
NVD
EPSS 99% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Information Disclosure Weblogic Server
NVD GitHub
EPSS 1% CVSS 3.7
LOW PATCH Monitor

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Oracle Cisco Microsoft +3
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the RDBMS Security component of Oracle Database Server. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Application Express
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Payments
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Utilities Framework
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Corporate Lending
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 98% CVSS 7.2
HIGH POC KEV THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD GitHub
EPSS 100% CVSS 9.8
CRITICAL POC KEV THREAT Emergency

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD Exploit-DB
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 1% CVSS 8.5
HIGH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
EPSS 1% CVSS 8.5
HIGH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
EPSS 1% CVSS 8.0
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Opera 5 Property Services
NVD
EPSS 3% CVSS 9.1
CRITICAL Act Now

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox
NVD
EPSS 80% CVSS 10.0
CRITICAL POC KEV PATCH THREAT Act Now

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Oracle Memory Corruption +1
NVD Exploit-DB
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection product of Oracle PeopleSoft (component: eSupplier Connection). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Esupplier Connection
NVD
EPSS 97% CVSS 7.5
HIGH POC KEV THREAT This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Path Traversal +1
NVD Exploit-DB
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Internal Operations). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Universal Work Queue
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL +4
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Opera 5 Property Services
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Universal Work Queue
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI and Visualization). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Infrastructure Technology
NVD
EPSS 1% CVSS 4.6
MEDIUM This Month

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Cluster +4
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Flex Fields). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Business Intelligence
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
EPSS 52% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Application Object Library
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL +4
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL +4
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: SQL Extensions). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Manager
NVD
EPSS 30% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 2% CVSS 8.6
HIGH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Financial Services Analytical Applications Infrastructure
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Installed Base
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 4% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
EPSS 1% CVSS 3.0
LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
Prev Page 25 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy