Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2019-2949 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +13
NVD
CVSS 3.1
6.8
EPSS
3.6%
CVE-2019-2948 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2019-2947 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Food And Beverage Applications
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2019-2946 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2019-2945 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Jdk Jre +17
NVD
CVSS 3.1
3.1
EPSS
3.4%
CVE-2019-2944 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
7.3
EPSS
0.6%
CVE-2019-2943 MEDIUM PATCH This Month

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Studio). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Data Integrator
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2019-2942 HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2019-2941 MEDIUM PATCH This Month

Vulnerability in the Hyperion Profitability and Cost Management product of Oracle Hyperion (component: Modeling). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hyperion Enterprise Performance Management Architect
NVD
CVSS 3.1
4.0
EPSS
0.7%
CVE-2019-2940 LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
2.3
EPSS
0.4%
CVE-2019-2939 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2938 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL MariaDB Fedora +6
NVD
CVSS 3.1
4.4
EPSS
3.0%
CVE-2019-2937 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2019-2936 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2019-2935 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-2934 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2019-2933 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +3
NVD
CVSS 3.1
3.1
EPSS
2.3%
CVE-2019-2932 HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Tree Manager). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
7.7
EPSS
1.3%
CVE-2019-2931 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2930 MEDIUM PATCH This Month

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Wireless). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Field Service
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2019-2929 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2927 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
6.4
EPSS
1.1%
CVE-2019-2926 LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
2.3
EPSS
0.6%
CVE-2019-2925 MEDIUM PATCH This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Workflow
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-2924 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2923 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2922 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2920 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2019-2915 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2914 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2019-2913 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
1.1%
CVE-2019-2911 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
2.7
EPSS
2.1%
CVE-2019-2910 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
3.7
EPSS
1.7%
CVE-2019-2909 MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2019-2907 HIGH PATCH This Week

Vulnerability in the Oracle Web Services product of Oracle Fusion Middleware (component: SOAP with Attachments API for Java). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Web Services
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2019-2906 HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
CVSS 3.1
8.2
EPSS
1.7%
CVE-2019-2905 HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
8.6
EPSS
2.0%
CVE-2019-2904 CRITICAL PATCH Act Now

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Application Testing Suite Banking Enterprise Collections Banking Enterprise Originations +19
NVD
CVSS 3.1
9.8
EPSS
14.3%
CVE-2019-2903 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2019-2902 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2019-2901 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
7.3
EPSS
1.3%
CVE-2019-2900 HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-2899 LOW PATCH Monitor

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Application Development Framework Jdeveloper Hyperion Financial Management +1
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2019-2898 MEDIUM PATCH This Month

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2019-2897 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence Enterprise Manager Base Platform Mysql Server
NVD
CVSS 3.1
6.4
EPSS
0.9%
CVE-2019-2896 MEDIUM PATCH This Month

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications (component: Internal Operations). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Micros Relate Customer Relationship Management Software
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2019-2895 HIGH PATCH This Week

Vulnerability in the Enterprise Manager for Exadata product of Oracle Enterprise Manager (component: Exadata Plug-In Deploy and Ins). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Manager
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-2894 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +4
NVD
CVSS 3.1
3.7
EPSS
3.2%
CVE-2019-2891 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2019-2890 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.1
7.2
EPSS
37.6%
CVE-2019-2889 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-2888 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
5.2%
CVE-2019-2887 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2019-2886 MEDIUM PATCH This Month

Vulnerability in the Oracle Forms product of Oracle Fusion Middleware (component: Services). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Forms
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2019-2884 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
5.9
EPSS
1.4%
CVE-2019-2883 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
4.6
EPSS
0.7%
CVE-2019-2872 LOW PATCH Monitor

Vulnerability in the Oracle Retail Xstore Point of Service product of Oracle Retail Applications (component: Point of Sale). Rated low severity (CVSS 2.7).

Authentication Bypass Oracle Retail Xstore Point Of Service
NVD
CVSS 3.1
2.7
EPSS
0.4%
CVE-2019-2765 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.3).

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2019-2734 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2019-10457 Maven MEDIUM This Month

A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Oracle Oracle Cloud Infrastructure Compute Classic
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-10456 Maven MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Oracle CSRF Oracle Cloud Infrastructure Compute Classic
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2019-5507 MEDIUM This Month

SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Snapmanager
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-3730 HIGH This Week

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Bsafe Micro Edition Suite
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2019-1563 LOW Monitor

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Oracle
NVD
CVSS 3.1
3.7
EPSS
3.8%
CVE-2019-11658 MEDIUM This Month

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Content Manager
NVD
CVSS 3.0
4.3
EPSS
0.7%
CVE-2019-5592 MEDIUM This Month

Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Jwt Attack Oracle Fortinet +1
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2019-2879 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2019-2878 MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Sun Zfs Storage Appliance Kit
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-2877 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2019-2876 LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-2875 LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-2874 LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-2873 LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-2871 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2019-2870 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2019-2869 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2019-2868 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2019-2867 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Oracle Memory Corruption Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2019-2866 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2019-2865 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.5).

Information Disclosure Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2019-2864 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.5).

Information Disclosure Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2019-2863 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-2862 MEDIUM PATCH This Month

Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: Java). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Graalvm
NVD
CVSS 3.0
6.8
EPSS
1.1%
CVE-2019-2861 MEDIUM POC PATCH This Month

Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available.

XXE Oracle Hyperion Planning
NVD Exploit-DB
CVSS 3.0
4.2
EPSS
4.3%
CVE-2019-2860 MEDIUM PATCH This Month

Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Clusterware
NVD
CVSS 3.0
5.6
EPSS
1.0%
CVE-2019-2859 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2019-2858 MEDIUM PATCH This Month

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Identity Manager
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2019-2857 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-2856 CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2019-2855 HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
7.3
EPSS
1.2%
EPSS 4% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +15
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Food And Beverage Applications
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +19
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Data Integrator product of Oracle Fusion Middleware (component: Studio). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Data Integrator
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Advanced Outbound Telephony
NVD
EPSS 1% CVSS 4.0
MEDIUM PATCH This Month

Vulnerability in the Hyperion Profitability and Cost Management product of Oracle Hyperion (component: Modeling). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hyperion Enterprise Performance Management Architect
NVD
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 3% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +8
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Reporting And Analytics
NVD
EPSS 2% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +5
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Tree Manager). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Wireless). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Field Service
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle Hyperion Data Relationship Management
NVD
EPSS 1% CVSS 2.3
LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Workflow
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL +5
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL +5
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle MySQL +5
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle MySQL +1
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 2% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL +6
NVD
EPSS 2% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle MySQL +5
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +1
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Oracle Web Services product of Oracle Fusion Middleware (component: SOAP with Attachments API for Java). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Web Services
NVD
EPSS 2% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence Publisher
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
EPSS 14% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Application Testing Suite +21
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Business Intelligence
NVD
EPSS 1% CVSS 2.4
LOW PATCH Monitor

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Application Development Framework +3
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Business Intelligence +2
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications (component: Internal Operations). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Micros Relate Customer Relationship Management Software
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Enterprise Manager for Exadata product of Oracle Enterprise Manager (component: Exadata Plug-In Deploy and Ins). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Oracle Enterprise Manager
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle +6
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Weblogic Server
NVD
EPSS 38% CVSS 7.2
HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Weblogic Server
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 5% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Forms product of Oracle Fusion Middleware (component: Services). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Forms
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Retail Customer Management And Segmentation Foundation
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the Oracle Retail Xstore Point of Service product of Oracle Retail Applications (component: Point of Sale). Rated low severity (CVSS 2.7).

Authentication Bypass Oracle Retail Xstore Point Of Service
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 5.3).

Denial Of Service Oracle Solaris
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Oracle +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A cross-site request forgery vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins Oracle CSRF +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Snapmanager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Bsafe Micro Edition Suite
NVD
EPSS 4% CVSS 3.7
LOW Monitor

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Oracle
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Content Manager
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure Jwt Attack +3
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Sun Zfs Storage Appliance Kit
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Information Disclosure Oracle Berkeley Db
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Oracle Memory Corruption +2
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.5).

Information Disclosure Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 7.5).

Information Disclosure Oracle Vm Virtualbox +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox +1
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: Java). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Graalvm
NVD
EPSS 4% CVSS 4.2
MEDIUM POC PATCH This Month

Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. Public exploit code available.

XXE Oracle Hyperion Planning
NVD Exploit-DB
EPSS 1% CVSS 5.6
MEDIUM PATCH This Month

Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Oracle Clusterware
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Oracle Vm Virtualbox +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Identity Manager
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Ui Framework
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Weblogic Server
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
Prev Page 35 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy