Skip to main content

Oracle

7773 CVEs vendor

Monthly

CVE-2024-21287 HIGH KEV THREAT This Week

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2024-21286 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle PeopleSoft (component: Enterprise Learning Management). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-21285 HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-21284 HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2024-21283 HIGH This Week

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21282 HIGH This Week

Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21281 MEDIUM This Month

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Request Smuggling Denial Of Service Oracle Banking Liquidity Management
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-21280 HIGH This Week

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Service Contracts
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21279 HIGH This Week

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21278 HIGH This Week

Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award Processes). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21277 HIGH This Week

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21276 HIGH This Week

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21275 HIGH This Week

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21274 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21273 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2024-21272 PyPI HIGH PATCH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Python Oracle MySQL
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-21271 HIGH This Week

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field Service Engineer Portal). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21270 HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21269 HIGH This Week

Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: Compensation Plan). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21268 HIGH This Week

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21267 HIGH This Week

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21266 HIGH This Week

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price List). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21265 HIGH This Week

Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy Flows). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21264 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cost Center Common Application Objects
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-21263 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-21262 MEDIUM This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Authentication Bypass Oncommand Insight Mysql Connectors
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-21261 MEDIUM This Month

Vulnerability in Oracle Application Express (component: General). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Application Express
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2024-21260 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21259 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-21258 MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-21257 LOW Monitor

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). Rated low severity (CVSS 3.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Bi
NVD
CVSS 3.1
3.0
EPSS
0.3%
CVE-2024-21255 HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-21254 HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-21253 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
2.3
EPSS
0.3%
CVE-2024-21252 HIGH This Week

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Product Hub
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21251 LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle Database Server
NVD
CVSS 3.1
3.1
EPSS
0.4%
CVE-2024-21250 HIGH This Week

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Manager Specification). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Process Manufacturing Product Development
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-21249 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Expenses). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Expenses
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21248 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.3). No vendor patch available.

Authentication Bypass Denial Of Service Oracle Vm Virtualbox
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-21247 LOW PATCH Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD
CVSS 3.1
3.8
EPSS
0.6%
CVE-2024-21246 HIGH This Week

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Service Bus
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21244 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL
NVD
CVSS 3.1
2.2
EPSS
0.6%
CVE-2024-21243 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL
NVD
CVSS 3.1
2.2
EPSS
0.6%
CVE-2024-21242 LOW Monitor

Vulnerability in the XML Database component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Xml Database
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2024-21241 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21239 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21238 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2024-21237 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
2.2
EPSS
0.7%
CVE-2024-21236 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-21234 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-21233 MEDIUM This Month

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21232 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
2.2
EPSS
0.7%
CVE-2024-21231 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
3.1
EPSS
0.9%
CVE-2024-21230 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2024-21219 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21218 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21216 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-21215 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-21214 HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2024-21213 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2024-21212 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.4
EPSS
0.9%
CVE-2024-21209 LOW PATCH Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle MySQL
NVD
CVSS 3.1
2.0
EPSS
0.6%
CVE-2024-21207 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21206 MEDIUM This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Enterprise Command Center Framework
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-21205 MEDIUM This Month

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Oracle Fusion Middleware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-21204 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21203 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21202 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Peoplesoft Enterprise People Tools
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-21201 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21200 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21199 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21198 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21197 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21196 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2024-21195 HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Oracle Bi Publisher
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-21194 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21193 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21192 MEDIUM This Month

Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middleware (component: WebLogic Mgmt). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-21191 HIGH This Week

Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2024-21190 HIGH This Week

Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-21172 CRITICAL Act Now

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Hospitality Opera 5
NVD
CVSS 3.1
9.0
EPSS
0.5%
CVE-2024-45843 MEDIUM This Month

Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Mattermost Oracle Mattermost Server
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-45384 Maven MEDIUM PATCH This Month

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Oracle Druid
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2024-21188 MEDIUM This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oracle Financial Services Revenue Management And Billing
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-21185 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-21184 HIGH This Week

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2024-21183 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-21182 HIGH POC KEV THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Authentication Bypass Oracle
NVD VulDB
CVSS 3.1
7.5
EPSS
87.7%
Threat
7.1
CVE-2024-21181 CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-21180 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.1
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH KEV THREAT This Week

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Agile Product Lifecycle Management
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle PeopleSoft (component: Enterprise Learning Management). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Reports). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Banking Liquidity Management
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Global Payroll for Core). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Request Smuggling Denial Of Service Oracle +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Service Contracts
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award Processes). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Oracle Weblogic Server
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Python Oracle +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field Service Engineer Portal). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: Compensation Plan). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price List). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy Flows). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle E Business Suite
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Cost Center Common Application Objects
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Authentication Bypass +2
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM This Month

Vulnerability in Oracle Application Express (component: General). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Application Express
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Authentication Bypass Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Installed Base
NVD
EPSS 0% CVSS 3.0
LOW Monitor

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). Rated low severity (CVSS 3.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Bi
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Bi Publisher
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Product Hub
NVD
EPSS 0% CVSS 3.1
LOW Monitor

Vulnerability in the Java VM component of Oracle Database Server. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Java Oracle +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Manager Specification). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Process Manufacturing Product Development
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Expenses). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Fin Expenses
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.3). No vendor patch available.

Authentication Bypass Denial Of Service Oracle +1
NVD
EPSS 1% CVSS 3.8
LOW PATCH Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Service Bus
NVD
EPSS 1% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL
NVD
EPSS 1% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle MySQL
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Vulnerability in the XML Database component of Oracle Database Server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Xml Database
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Database Core component of Oracle Database Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Database Server
NVD
EPSS 1% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 3.1
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 2.0
LOW PATCH Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Enterprise Command Center Framework
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Oracle +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Oracle Peoplesoft Enterprise People Tools
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Oracle +1
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middleware (component: WebLogic Mgmt). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Fusion Middleware
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Hospitality Opera 5
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Mattermost Oracle +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Padding Oracle vulnerability in Apache Druid extension, druid-pac4j. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Oracle +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Oracle Financial Services Revenue Management And Billing
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Mysql Server
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Oracle Database Server
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Weblogic Server
NVD
EPSS 88% 7.1 CVSS 7.5
HIGH POC KEV THREAT Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Authentication Bypass Oracle
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oracle Weblogic Server
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
Prev Page 9 of 87 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy