Oracle
Monthly
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 6.3). No vendor patch available.
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Email Address list and Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Absence Recording, Maintenance). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Whodo). Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Notification Mailer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF command svcbundle). Rated low severity (CVSS 2.5). No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI, SWSE). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: InQuira Search). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Application Express component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 6.3). No vendor patch available.
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Email Address list and Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Absence Recording, Maintenance). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Whodo). Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Notification Mailer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF command svcbundle). Rated low severity (CVSS 2.5). No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI, SWSE). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.
Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: InQuira Search). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle Application Express component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.