oracle

10,202 tracked vulnerabilities.

CVE-2025-21587 HIGH
Oracle Java SE 8u441, 11.0.26, 17.0.14, 21.0.6, 24; GraalVM - Unauthenticated Access Control in JSSE
Apr 15, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-21586 MEDIUM
Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.9.2 - Authenticated Improper Access Control in Web Runtime SEC
Apr 15, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21585 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Server Optimizer
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21584 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Server: DDL
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21583 MEDIUM
MySQL Server 8.4.0 and 9.0.0 - Denial of Service in Server: DDL
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21582 MEDIUM
Oracle CRM Technical Foundation 12.2.3-12.2.14 - Unauthenticated Incorrect Authorization in Preferences
Apr 15, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21581 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Optimizer
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21580 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Server: DML
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21579 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Server Options
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21578 MEDIUM
Oracle Secure Backup 12.1.0.1-12.1.0.3, 18.1.0.0-18.1.0.2 - Authenticated Privilege Escalation
Apr 15, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-21577 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in InnoDB
Apr 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21576 MEDIUM
Oracle Commerce Platform 11.3.0-11.3.2 - Cross-Site Request Forgery in Dynamo Personalization Server
Apr 15, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21575 MEDIUM
MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in Server Parser
Apr 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21574 MEDIUM
Oracle MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in Parser
Apr 15, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21573 MEDIUM
Oracle Financial Services Revenue Man... - Improper Access Control
Apr 15, 2025
CVSS 6.0
EPSS 0.01
CVE-2025-21571 HIGH
Oracle VM VirtualBox < 7.0.24 - Authenticated Unauthorized Data Access and Partial Denial of Service
Jan 21, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-21570 MEDIUM
Oracle Life Sciences Argus Safety 8.2.3 - Unauthenticated Incorrect Authorization in Login Component
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21569 MEDIUM
Oracle Hyperion Data Relationship Management 11.2.19.0.000 - Incorrect Authorization in Web Services
Jan 21, 2025
CVSS 6.6
EPSS 0.01
CVE-2025-21568 MEDIUM
Oracle Hyperion Data Relationship Management 11.2.19.0.000 - Unauthorized Data Access via Access and Security Component
Jan 21, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-21567 MEDIUM
MySQL Server < 9.1.0 - Unauthorized Data Access via Privilege Misconfiguration
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21566 MEDIUM
MySQL Server < 9.1.0 - Denial of Service in Server Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21565 HIGH
Oracle Agile PLM Framework 9.3.6 - Unauthenticated Incorrect Authorization via HTTP
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21564 HIGH
Oracle Agile PLM Framework 9.3.6 - Unauthorized Data Access and Denial of Service via Agile Integration Services
Jan 21, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-21563 MEDIUM
Oracle PeopleSoft Enterprise CC Common Application Objects 9.2 - Incorrect Authorization in Run Control Management
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21562 MEDIUM
Oracle PeopleSoft Enterprise CC Common Application Objects 9.2 - Unauthorized Data Access via Run Control Management
Jan 21, 2025
CVSS 4.3
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV