Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2020-14551 MEDIUM PATCH This Month

Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Autovue
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-14550 MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2020-14549 MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Server). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2020-14548 LOW Monitor

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
3.4
EPSS
0.9%
CVE-2020-14547 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-14546 MEDIUM This Month

Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Close Management
NVD
CVSS 3.1
4.2
EPSS
0.8%
CVE-2020-14545 MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). Rated medium severity (CVSS 5.0). No vendor patch available.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.0
EPSS
0.3%
CVE-2020-14544 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-14543 HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Reporting And Analytics
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2020-14542 LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2020-14541 LOW Monitor

Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Close Management
NVD
CVSS 3.1
2.0
EPSS
0.7%
CVE-2020-14540 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14539 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-14537 MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Packaging Scripts). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-14536 HIGH This Week

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Experience Manager Commerce Guided Search
NVD
CVSS 3.1
7.4
EPSS
1.6%
CVE-2020-14535 HIGH This Week

Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Service Center
NVD
CVSS 3.1
7.4
EPSS
1.6%
CVE-2020-14534 HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-14533 LOW Monitor

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Commerce Platform
NVD
CVSS 3.1
3.5
EPSS
0.7%
CVE-2020-14532 MEDIUM This Month

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Commerce Platform
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-14531 MEDIUM This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2020-14530 MEDIUM This Month

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: None). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Security Service
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2020-14529 MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Investor Module). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-14528 MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14527 MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2020-15476 HIGH POC PATCH This Week

In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Oracle Information Disclosure Ndpi Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2020-14061 Maven HIGH PATCH This Week

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Oracle Deserialization Jackson Databind Active Iq Unified Manager Steelstore Cloud Integrated Storage +12
NVD GitHub
CVSS 3.1
8.1
EPSS
4.4%
CVE-2020-13249 HIGH PATCH This Week

libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Connector C Leap Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
2.8%
CVE-2020-9315 HIGH POC THREAT This Week

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Iplanet Web Server
NVD
CVSS 3.1
7.5
EPSS
81.8%
CVE-2020-9314 MEDIUM POC This Month

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oracle Iplanet Web Server
NVD
CVSS 3.1
4.8
EPSS
1.3%
CVE-2020-2575 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-2964 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Data Foundation product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Data Foundation
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2963 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2020-2961 CRITICAL PATCH Act Now

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Enterprise Manager Base Platform
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-2959 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
8.6
EPSS
2.6%
CVE-2020-2958 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-2956 HIGH PATCH This Week

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.1
8.1
EPSS
2.0%
CVE-2020-2955 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Core Banking product of Oracle Financial Services Applications (component: Transaction Processing). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Flexcube Core Banking
NVD
CVSS 3.1
6.3
EPSS
0.9%
CVE-2020-2954 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle PeopleSoft (component: Candidate Gateway). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Candidate Gateway
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2953 CRITICAL PATCH Act Now

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2020-2952 MEDIUM PATCH This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Http Server
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-2951 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-2950 CRITICAL PATCH Act Now

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Business Intelligence
NVD
CVSS 3.1
9.8
EPSS
71.0%
CVE-2020-2949 MEDIUM This Month

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Coherence
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-2947 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Absence Management
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-2946 MEDIUM PATCH This Month

Vulnerability in the Application Performance Management product of Oracle Enterprise Manager (component: EM Request Monitoring). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Authentication Bypass Application Performance Management
NVD
CVSS 3.1
6.0
EPSS
1.3%
CVE-2020-2945 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management product of Oracle Financial Services Applications (component: User Interfaces). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Deposit Insurance Calculations For Liquidity Risk Management
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2020-2944 HIGH POC PATCH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-2943 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Liquidity Risk Measurement and Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Liquidity Risk Measurement And Management
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2942 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Price Creation and Discovery product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Price Creation And Discovery
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2941 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Funds Transfer Pricing product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Funds Transfer Pricing
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2940 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Profitability Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Profitability Management
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2939 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Asset Liability Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Asset Liability Management
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2938 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Loan Loss Forecasting And Provisioning
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2937 HIGH PATCH This Week

Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Insurance Accounting Analyzer
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2936 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Balance Sheet Planning product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Balance Sheet Planning
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2935 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Hedge Management And Ifrs Valuations
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2934 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Mysql Connector J Fedora Debian Linux +1
NVD
CVSS 3.1
5.0
EPSS
3.2%
CVE-2020-2933 LOW Monitor

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Connector J Fedora Debian Linux
NVD
CVSS 3.1
2.2
EPSS
1.5%
CVE-2020-2932 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Knowledge
NVD
CVSS 3.1
5.9
EPSS
1.5%
CVE-2020-2931 CRITICAL Act Now

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Web Applications - InfoCenter). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-2930 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.4
EPSS
1.7%
CVE-2020-2929 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-2928 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2927 HIGH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 7.8). No vendor patch available.

Oracle Information Disclosure Solaris
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-2926 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora
NVD
CVSS 3.1
4.4
EPSS
1.9%
CVE-2020-2925 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2924 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.5%
CVE-2020-2923 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2922 LOW Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 3.1
3.7
EPSS
2.4%
CVE-2020-2921 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Fedora
NVD
CVSS 3.1
4.4
EPSS
1.8%
CVE-2020-2920 MEDIUM This Month

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-2915 CRITICAL Act Now

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Coherence
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-2914 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.0). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2020-2913 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.0). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2020-2912 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Self-Service). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
CVSS 3.1
5.0
EPSS
0.9%
CVE-2020-2911 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-2910 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox Leap
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-2909 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
2.8
EPSS
0.9%
CVE-2020-2908 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-2907 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-2906 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Supplier Change). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-2905 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-2904 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2903 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2902 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Memory Corruption Vm Virtualbox Leap
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-2901 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-2900 LOW Monitor

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Graalvm
NVD
CVSS 3.1
3.7
EPSS
0.7%
CVE-2020-2899 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2020-2898 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.5%
CVE-2020-2897 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Autovue
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Server). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
EPSS 1% CVSS 3.4
LOW Monitor

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Business Intelligence
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 4.2
MEDIUM This Month

Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Close Management
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). Rated medium severity (CVSS 5.0). No vendor patch available.

Denial Of Service Oracle Solaris
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Reporting And Analytics
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 2.0
LOW Monitor

Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Close Management
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Packaging Scripts). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
EPSS 2% CVSS 7.4
HIGH This Week

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Experience Manager +1
NVD
EPSS 2% CVSS 7.4
HIGH This Week

Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Service Center
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 3.5
LOW Monitor

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Commerce Platform
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Commerce Platform
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Siebel Ui Framework
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: None). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Security Service
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Investor Module). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Primavera Portfolio Management
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Oracle Information Disclosure +2
NVD GitHub
EPSS 4% CVSS 8.1
HIGH PATCH This Week

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Oracle Deserialization Jackson Databind +14
NVD GitHub
EPSS 3% CVSS 8.8
HIGH PATCH This Week

libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Connector C +2
NVD GitHub
EPSS 82% CVSS 7.5
HIGH POC THREAT This Week

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Iplanet Web Server
NVD
EPSS 1% CVSS 4.8
MEDIUM POC This Month

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oracle Iplanet Web Server
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Data Foundation product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Data Foundation
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Enterprise Manager Base Platform
NVD
EPSS 3% CVSS 8.6
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Human Resources
NVD
EPSS 1% CVSS 6.3
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Core Banking product of Oracle Financial Services Applications (component: Transaction Processing). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Flexcube Core Banking
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle PeopleSoft (component: Candidate Gateway). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Candidate Gateway
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Retail Customer Management And Segmentation Foundation
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Http Server
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 71% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Information Disclosure Business Intelligence
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Coherence
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Absence Management
NVD
EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

Vulnerability in the Application Performance Management product of Oracle Enterprise Manager (component: EM Request Monitoring). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Authentication Bypass +1
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Deposit Insurance Calculations for Liquidity Risk Management product of Oracle Financial Services Applications (component: User Interfaces). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Deposit Insurance Calculations For Liquidity Risk Management
NVD
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Oracle Solaris
NVD Exploit-DB
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Liquidity Risk Measurement and Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Liquidity Risk Measurement And Management
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Price Creation and Discovery product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Price Creation And Discovery
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Funds Transfer Pricing product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Funds Transfer Pricing
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Profitability Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Profitability Management
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Asset Liability Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Asset Liability Management
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Loan Loss Forecasting And Provisioning
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Insurance Accounting Analyzer
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Balance Sheet Planning product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Balance Sheet Planning
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Hedge Management And Ifrs Valuations
NVD
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Mysql Connector J +3
NVD
EPSS 2% CVSS 2.2
LOW Monitor

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle Mysql Connector J +2
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Knowledge
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Web Applications - InfoCenter). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). Rated high severity (CVSS 7.8). No vendor patch available.

Oracle Information Disclosure Solaris
NVD
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +1
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass MySQL +6
NVD
EPSS 2% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Agile Product Lifecycle Management
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Coherence
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.0). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.0). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Self-Service). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cs Campus Community
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox +1
NVD
EPSS 1% CVSS 2.8
LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Supplier Change). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Vm Virtualbox +1
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Memory Corruption +2
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 3.7
LOW Monitor

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Graalvm
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
Prev Page 29 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy