oracle

10,202 tracked vulnerabilities.

CVE-2025-21561 MEDIUM
Oracle PeopleSoft Enterprise SCM Purchasing 9.2 - Incorrect Authorization
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21560 MEDIUM
Oracle Agile PLM Framework 9.3.6 - Unauthorized Data Access via SDK
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21559 MEDIUM
MySQL Server < 8.0.40, 8.4.3 and 9.1.0 - Authenticated Denial of Service and Data Manipulation in InnoDB
Jan 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21558 MEDIUM
Oracle Primavera P6 EPPM 20.12.1.0-21.12.20.0 Incorrect Authorization via Web Access
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21557 MEDIUM
Oracle Application Express 23.2 and 24.1 - Incorrect Authorization via HTTP
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21556 CRITICAL
Oracle Agile PLM Framework 9.3.6 - Incorrect Authorization via Agile Integration Services
Jan 21, 2025
CVSS 9.9
EPSS 0.01
CVE-2025-21555 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service and Unauthorized Data Manipulation in InnoDB
Jan 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21554 MEDIUM
Oracle Communications Order and Service Management 7.4.0, 7.4.1, 7.5.0 - Unauthenticated Unauthorized Data Access
Jan 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-21553 MEDIUM
Oracle Java VM 19.3-19.25, 21.3-21.16, 23.4-23.6 - Unauthorized Data Access via Oracle Net
Jan 21, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-21552 MEDIUM
Oracle JD Edwards <9.2.9.2 - Unauthorized Access
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21551 MEDIUM
Oracle Solaris 11 - Unauthorized Data Modification and Denial of Service via File System
Jan 21, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-21550 MEDIUM
Oracle Financial Services Behavior Detection Platform 8.0.8.1, 8.1.2.7, 8.1.2.8 - Cross-Site Request Forgery
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21549 HIGH
Oracle WebLogic Server 14.1.1.0.0 - Unauthenticated Denial of Service via HTTP/2
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21548 MEDIUM
Oracle MySQL Connector/Python < 9.1.0 - Denial of Service via Uncontrolled Resource Consumption
Jan 21, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-21547 CRITICAL
Oracle Hospitality OPERA 5 5.6.19.20, 5.6.25.8, 5.6.26.6, 5.6.27.1 - Unauthenticated Denial of Service via Opera Servlet
Jan 21, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-21546 LOW
MySQL Server < 8.0.40, 8.4.3, 9.1.0 - Authenticated Incorrect Authorization in Privilege Management
Jan 21, 2025
CVSS 3.8
EPSS 0.00
CVE-2025-21545 HIGH
Oracle PeopleSoft Enterprise PeopleTools 8.60 and 8.61 - Unauthenticated Denial of Service via OpenSearch
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21544 MEDIUM
Oracle Communications Order and Service Management <7.5.0 - Info Di...
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21543 MEDIUM
Oracle MySQL Server < 8.0.40, 8.4.3 and prior, 9.1.0 and prior - Denial of Service via Server Packaging
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21542 MEDIUM
Oracle Communications Order and Service Management 7.4.0, 7.4.1, 7.5.0 - Origin Validation Error
Jan 21, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-21541 MEDIUM
Oracle Workflow <12.2.14 - Privilege Escalation
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21540 MEDIUM
MySQL Server < 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Incorrect Authorization in Privilege Handling
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21539 MEDIUM
Oracle PeopleSoft Enterprise FIN eSettlements 9.2 - Incorrect Authorization via HTTP
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21538 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.2 - Unauthenticated Cross-Site Request Forgery
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21537 MEDIUM
PeopleSoft Enterprise FIN Cash Management 9.2 - Incorrect Authorization
Jan 21, 2025
CVSS 5.4
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV