oracle

10,202 tracked vulnerabilities.

CVE-2025-30758 MEDIUM
Oracle Siebel CRM Deployment 25.0-25.5 - Unauthenticated Exposure of Sensitive Information via User Interface
Jul 15, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-30756 MEDIUM
Oracle REST Data Services 24.2.0 - Unauthenticated Cross-Site Request Forgery
Jul 15, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-30754 MEDIUM
Oracle GraalVM for JDK 17.0.15, 21.0.7, 24.0.1 - Unauthenticated Improper Access Control via TLS
Jul 15, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-30753 MEDIUM
Oracle WebLogic Server 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 - Denial of Service via HTTP
Jul 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-30752 LOW
Oracle GraalVM for JDK 24.0.1 - Unauthenticated Partial Denial of Service in Compiler
Jul 15, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-30751 HIGH
Oracle Database Server 19.27 and 23.4-23.8 - Authenticated Database Takeover via Oracle Net
Jul 15, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-30750 LOW
Oracle Database Server 19.3-19.27, 21.3-21.18, 23.4-23.8 - Authenticated Unauthorized Data Manipulation in Unified Audit
Jul 15, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-30749 HIGH
Oracle Java SE <24.0.1 - Info Disclosure
Jul 15, 2025
CVSS 8.1
EPSS 0.02
CVE-2025-30748 MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.60-8.62 - Unauthenticated Incorrect Authorization via PIA Core Technology
Jul 15, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-30747 MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.60-8.62 - Unauthenticated Unauthorized Data Access via PIA Core Technology
Jul 15, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-30746 MEDIUM
Oracle iStore 12.2.3-12.2.14 - Unauthenticated Cross-Site Request Forgery in Shopping Cart
Jul 15, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-30745 MEDIUM
Oracle MES for Process Manufacturing 12.2.12-12.2.13 - Unauthenticated Cross-Site Request Forgery in Device Integration
Jul 15, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-30744 HIGH
Oracle Mobile Field Service 12.2.3-12.2.13 - Incorrect Authorization via Multiplatform Sync Errors
Jul 15, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-30743 HIGH
Oracle Lease and Finance Management 12.2.13 - Unauthorized Data Access and Modification via Internal Operations
Jul 15, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-30739 MEDIUM
Oracle CRM Technical Foundation 12.2.11-12.2.13 - Authenticated Incorrect Authorization in Preferences
Jul 15, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-4598 MEDIUM
systemd-coredump - Privilege Escalation
May 30, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-21572 MEDIUM
OpenGrok 1.13.25 - Reflected Cross-Site Scripting via History View Path Segments
May 02, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-30740 MEDIUM
Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.9.2 - Unauthorized Data Access via Web Runtime SEC
Apr 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-30737 MEDIUM
Oracle Hyperion Core Smart View <24.200 - Info Disclosure
Apr 15, 2025
CVSS 5.7
EPSS 0.01
CVE-2025-30736 HIGH
Oracle Java VM 19.3-19.26, 21.3-21.17, 23.4-23.7 - Unauthenticated Improper Access Control
Apr 15, 2025
CVSS 7.4
EPSS 0.01
CVE-2025-30735 HIGH
Oracle PeopleSoft Enterprise CC Common Application Objects 9.2 - Improper Access Control in Page and Field Configuration
Apr 15, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-30733 MEDIUM
Oracle RDBMS Listener 19.3-19.26, 21.3-21.17, 23.4-23.7 - Unauthenticated Improper Authentication via Oracle Net
Apr 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-30732 MEDIUM
Oracle Application Object Library 12.2.3-12.2.14 - Unauthenticated Improper Access Control via HTTP
Apr 15, 2025
CVSS 6.1
EPSS 0.01
CVE-2025-30731 LOW
Oracle Applications Technology Stack 12.2.3-12.2.14 - Unauthenticated Improper Access Control in Configuration
Apr 15, 2025
CVSS 3.6
EPSS 0.00
CVE-2025-30730 HIGH
Oracle Application Object Library 12.2.5-12.2.14 - Unauthenticated Denial of Service via HTTP
Apr 15, 2025
CVSS 7.5
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV