Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2020-2806 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-2805 HIGH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +18
NVD
CVSS 3.1
8.3
EPSS
4.1%
CVE-2020-2804 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
5.9
EPSS
3.3%
CVE-2020-2803 HIGH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +18
NVD
CVSS 3.1
8.3
EPSS
6.2%
CVE-2020-2802 HIGH This Week

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Graalvm
NVD
CVSS 3.1
7.7
EPSS
1.3%
CVE-2020-2801 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-2800 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.8
EPSS
2.9%
CVE-2020-2799 MEDIUM This Month

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Graalvm
NVD
CVSS 3.1
6.3
EPSS
0.9%
CVE-2020-2798 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
CVSS 3.1
7.2
EPSS
8.0%
CVE-2020-2797 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2796 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-2795 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 6.3). No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
CVSS 3.1
6.3
EPSS
0.7%
CVE-2020-2794 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Email Address list and Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-2793 HIGH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2791 CRITICAL Act Now

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2020-2790 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-2789 MEDIUM This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Isupport
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2787 HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2020-2786 HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2020-2785 HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2020-2784 HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.2%
CVE-2020-2783 MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Outside In Technology
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-2782 HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-2781 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +19
NVD
CVSS 3.1
5.3
EPSS
4.9%
CVE-2020-2780 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +5
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-2779 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2778 LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
2.3%
CVE-2020-2777 MEDIUM This Month

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Management
NVD
CVSS 3.1
4.2
EPSS
0.8%
CVE-2020-2776 HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
8.6
EPSS
1.8%
CVE-2020-2775 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-2774 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2773 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +19
NVD
CVSS 3.1
3.7
EPSS
3.6%
CVE-2020-2772 MEDIUM This Month

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Absence Recording, Maintenance). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.1
4.1
EPSS
0.9%
CVE-2020-2771 LOW POC Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Whodo). Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
2.5
EPSS
0.5%
CVE-2020-2770 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2020-2769 LOW Monitor

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2020-2768 MEDIUM This Month

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.3
EPSS
1.3%
CVE-2020-2767 MEDIUM This Month

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.8
EPSS
2.1%
CVE-2020-2766 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2020-2765 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-2764 LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Java Advanced Management Console
NVD
CVSS 3.1
3.7
EPSS
2.4%
CVE-2020-2763 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-2762 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2761 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2020-2760 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Leap Fedora +6
NVD
CVSS 3.1
5.5
EPSS
3.0%
CVE-2020-2759 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2758 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Use After Free Memory Corruption Information Disclosure Vm Virtualbox +1
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-2757 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service Deserialization Jdk +20
NVD
CVSS 3.1
3.7
EPSS
4.2%
CVE-2020-2756 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service Deserialization Jdk +19
NVD
CVSS 3.1
3.7
EPSS
4.2%
CVE-2020-2755 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
3.9%
CVE-2020-2754 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +10
NVD
CVSS 3.1
3.7
EPSS
4.1%
CVE-2020-2753 MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Notification Mailer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Workflow
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-2752 MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL MariaDB Fedora +5
NVD
CVSS 3.1
5.3
EPSS
2.3%
CVE-2020-2751 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2750 HIGH This Week

Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass General Ledger
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-2749 LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF command svcbundle). Rated low severity (CVSS 2.5). No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
2.5
EPSS
0.5%
CVE-2020-2748 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
3.2
EPSS
0.5%
CVE-2020-2747 MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Access Manager
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-2746 HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2020-2745 MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Access Manager
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2020-2744 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-2743 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Authentication Bypass Information Disclosure Vm Virtualbox +1
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2020-2742 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Integer Overflow Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-2741 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Authentication Bypass Information Disclosure Vm Virtualbox +1
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2020-2740 MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Access Manager
NVD
CVSS 3.1
4.6
EPSS
0.8%
CVE-2020-2739 HIGH This Week

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Webcenter Sites
NVD
CVSS 3.1
7.4
EPSS
1.9%
CVE-2020-2738 MEDIUM This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI, SWSE). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-2737 MEDIUM This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Database Server
NVD
CVSS 3.1
6.4
EPSS
1.0%
CVE-2020-2735 HIGH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-2734 LOW Monitor

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2020-2733 CRITICAL POC THREAT Act Now

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
9.8
EPSS
18.6%
CVE-2020-2706 MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-2594 MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-2553 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2020-2524 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: InQuira Search). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Knowledge
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2020-2522 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-2514 MEDIUM This Month

Vulnerability in the Oracle Application Express component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Application Express
NVD
CVSS 3.1
4.6
EPSS
0.7%
CVE-2020-9402 PyPI HIGH POC PATCH THREAT This Week

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Python SQLi Oracle Django Debian Linux +3
NVD
CVSS 3.1
8.8
EPSS
22.5%
CVE-2020-7221 HIGH POC This Week

mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Oracle MariaDB
NVD GitHub
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-2731 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
3.9
EPSS
0.4%
CVE-2020-2730 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload Oracle Revenue Management And Billing
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-2729 MEDIUM PATCH This Month

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Identity Manager
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-2728 HIGH PATCH This Week

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Identity Manager
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-2727 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2020-2726 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-2725 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-2724 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-2723 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2722 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2020-2721 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
6.5
EPSS
1.3%
EPSS 2% CVSS 5.3
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 4% CVSS 8.3
HIGH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure +20
NVD
EPSS 3% CVSS 5.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 6% CVSS 8.3
HIGH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure +20
NVD
EPSS 1% CVSS 7.7
HIGH This Week

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Graalvm
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 3% CVSS 4.8
MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +20
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Graalvm
NVD
EPSS 8% CVSS 7.2
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Weblogic Server
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 6.3). No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Email Address list and Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Knowledge
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Isupport
NVD
EPSS 1% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 7.3
HIGH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Outside In Technology
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 5% CVSS 5.3
MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Denial Of Service Oracle +21
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +7
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +20
NVD
EPSS 1% CVSS 4.2
MEDIUM This Month

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Management
NVD
EPSS 2% CVSS 8.6
HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle +21
NVD
EPSS 1% CVSS 4.1
MEDIUM This Month

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Absence Recording, Maintenance). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Human Resources
NVD
EPSS 1% CVSS 2.5
LOW POC Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Whodo). Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.

Oracle Authentication Bypass Solaris
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.8
MEDIUM This Month

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +20
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +1
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 3% CVSS 5.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +8
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Use After Free Memory Corruption +3
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service +22
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service +21
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle +20
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle +12
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Notification Mailer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Workflow
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +7
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass General Ledger
NVD
EPSS 1% CVSS 2.5
LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF command svcbundle). Rated low severity (CVSS 2.5). No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
EPSS 1% CVSS 3.2
LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Information Disclosure +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Access Manager
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Access Manager
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Authentication Bypass +3
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Integer Overflow +2
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Authentication Bypass +3
NVD
EPSS 1% CVSS 4.6
MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Access Manager
NVD
EPSS 2% CVSS 7.4
HIGH This Week

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Webcenter Sites
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI, SWSE). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Siebel Ui Framework
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Information Disclosure Database Server
NVD
EPSS 1% CVSS 8.0
HIGH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure +1
NVD
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Database Server
NVD
EPSS 19% CVSS 9.8
CRITICAL POC THREAT Act Now

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Jd Edwards Enterpriseone Tools
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Primavera P6 Enterprise Project Portfolio Management
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Project Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: InQuira Search). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Oracle Knowledge
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
EPSS 1% CVSS 4.6
MEDIUM This Month

Vulnerability in the Oracle Application Express component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Application Express
NVD
EPSS 23% CVSS 8.8
HIGH POC PATCH THREAT This Week

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Python SQLi Oracle +5
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Oracle MariaDB
NVD GitHub
EPSS 0% CVSS 3.9
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.

Denial Of Service Oracle Database Server
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload Oracle Revenue Management And Billing
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Identity Manager
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Identity Manager
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Oracle Authentication Bypass Vm Virtualbox
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
Prev Page 31 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy