Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2025-31884 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CMS Ninja Norse Rune Oracle Plugin allows Stored XSS.4.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle XSS
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2022-49337 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock When user_dlm_destroy_lock failed, it didn't clean up the flags it set. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Python Oracle Information Disclosure Linux Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-36259 HIGH POC This Week

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Authentication Bypass Odoo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-1231 MEDIUM This Month

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Devolutions Server
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-21571 HIGH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-21570 MEDIUM This Month

Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Argus Safety
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2025-21569 MEDIUM This Month

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Web Services). Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
6.6
EPSS
0.6%
CVE-2025-21568 MEDIUM Monitor

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
4.5
EPSS
0.3%
CVE-2025-21567 MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL Red Hat
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-21566 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server MySQL Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21565 HIGH This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21564 HIGH This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2025-21563 MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cc Common Application Objects
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21562 MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cc Common Application Objects
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2025-21561 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Scm Purchasing
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2025-21560 MEDIUM This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-21559 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21558 MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21557 MEDIUM This Month

Vulnerability in Oracle Application Express (component: General). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Application Express
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21556 CRITICAL This Week

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
9.9
EPSS
1.0%
CVE-2025-21555 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21554 MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Communications Order And Service Management
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2025-21553 MEDIUM Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Java Virtual Machine
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2025-21552 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Orchestrator
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-21551 MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: File system). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-21550 MEDIUM This Month

Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: Web UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Financial Services Behavior Detection Platform
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-21549 HIGH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-21548 MEDIUM This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Oracle Denial Of Service Mysql Connector Python
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-21547 CRITICAL This Week

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Denial Of Service Hospitality Opera 5
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2025-21546 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2025-21545 HIGH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21544 MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Communications Order And Service Management
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21543 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster Mysql Server MySQL +2
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21542 MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Communications Order And Service Management
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-21541 MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens and Grants UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Workflow
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21540 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-21539 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft (component: eSettlements). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Esettlements
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21538 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-21537 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft (component: Cash Management). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Cash Management
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-21536 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21535 CRITICAL This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-21534 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21533 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21532 HIGH This Month

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Analytics Desktop
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-21531 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster Mysql Server MySQL +2
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21530 MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21529 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21528 MEDIUM Monitor

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-21527 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2025-21526 MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-21525 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21524 CRITICAL This Week

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2025-21523 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21522 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21521 HIGH PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-21520 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated low severity (CVSS 1.8). No vendor patch available.

Authentication Bypass Oracle Mysql Cluster Mysql Server MySQL
NVD
CVSS 3.1
1.8
EPSS
0.0%
CVE-2025-21519 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-21518 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster Mysql Server MySQL +2
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21517 MEDIUM Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-21516 HIGH This Month

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service Requests). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2025-21515 HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2025-21514 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-21513 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-21512 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-21511 HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-21510 HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21509 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21508 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21507 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-21506 HIGH This Month

Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Technology Foundation). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2025-21505 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21504 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2025-21503 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21502 MEDIUM PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Graalvm For Jdk +12
NVD
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-21501 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21500 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-21499 MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21498 MEDIUM This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Http Server
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-21497 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-21495 MEDIUM Monitor

Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Enterprise Firewall
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-21494 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.1). No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-21493 MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-21492 MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21491 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server MySQL Red Hat +1
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-21490 MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server Debian Linux MySQL +2
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2025-21489 MEDIUM This Month

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle E Business Suite
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-21245 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-22556 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows Cross Site Request Forgery.4.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-53832 MEDIUM This Month

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle
NVD
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-49588 MEDIUM This Month

Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SQLi Oracle
NVD
CVSS 3.1
6.8
EPSS
0.3%
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CMS Ninja Norse Rune Oracle Plugin allows Stored XSS.4.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle XSS
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock When user_dlm_destroy_lock failed, it didn't clean up the flags it set. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Python Oracle Information Disclosure +4
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Oracle Authentication Bypass Odoo
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Devolutions Server
NVD
EPSS 0% CVSS 7.3
HIGH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications (component: Login). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Argus Safety
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Web Services). Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
EPSS 0% CVSS 4.5
MEDIUM Monitor

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server +2
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 8.1
HIGH This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cc Common Application Objects
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Run Control Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cc Common Application Objects
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Scm Purchasing
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server +3
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in Oracle Application Express (component: General). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Application Express
NVD
EPSS 1% CVSS 9.9
CRITICAL This Week

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server +3
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Communications Order And Service Management
NVD
EPSS 0% CVSS 4.2
MEDIUM Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Orchestrator
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: File system). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Solaris
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: Web UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Financial Services Behavior Detection Platform
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Weblogic Server
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Python Oracle Denial Of Service +1
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Denial Of Service +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server +1
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Peoplesoft Enterprise Peopletools
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Communications Order And Service Management
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster +4
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Communications Order And Service Management
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens and Grants UI). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Workflow
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Mysql Server +3
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft (component: eSettlements). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Esettlements
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft (component: Cash Management). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Cash Management
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 1% CVSS 9.8
CRITICAL This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Performance Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Analytics Desktop
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster +4
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Oracle Primavera P6 Enterprise Project Portfolio Management
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 1% CVSS 9.8
CRITICAL This Week

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 1.8
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated low severity (CVSS 1.8). No vendor patch available.

Authentication Bypass Oracle Mysql Cluster +2
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Mysql Server +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Cluster +4
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 8.1
HIGH This Month

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service Requests). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 1% CVSS 8.8
HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 8.1
HIGH This Month

Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Technology Foundation). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.8
MEDIUM PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle +14
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.9
MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Http Server
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server +3
NVD
EPSS 0% CVSS 4.4
MEDIUM Monitor

Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Enterprise Firewall
NVD
EPSS 0% CVSS 4.1
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.1). No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.4
MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Denial Of Service Mysql Server +2
NVD
EPSS 0% CVSS 4.9
MEDIUM Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +5
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +3
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Denial Of Service Mysql Server +4
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle E Business Suite
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Jd Edwards Enterpriseone Tools
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows Cross Site Request Forgery.4.1. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable to SQL injections. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SQLi Oracle
NVD
Prev Page 8 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy