oracle

10,202 tracked vulnerabilities.

CVE-2025-21536 MEDIUM
MySQL Server <= 8.0.39 - Authenticated Denial of Service in Optimizer
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21535 CRITICAL
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Remote Code Execution via T3, IIOP
Jan 21, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-21534 MEDIUM
MySQL Server < 8.0.39 - Authenticated Denial of Service in Performance Schema
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21533 MEDIUM
Oracle VM VirtualBox < 7.0.24 and < 7.1.6 - Unauthorized Data Access via Core Component
Jan 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21532 HIGH
Oracle Analytics Desktop < 8.1.0 - Incorrect Default Permissions in Install Component
Jan 21, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-21531 MEDIUM
Oracle MySQL Server < 8.0.40, < 8.4.3, <= 9.1.0 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21530 MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.60 and 8.61 - Unauthorized Data Read via Panel Processor
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21529 MEDIUM
MySQL Server < 8.0.40, 8.4.3, 9.1.0 - Authenticated Denial of Service in Information Schema
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21528 MEDIUM
Oracle Primavera P6 EPM 20.12.1.0-23.12.10.0 - Unauthenticated CSRF
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21527 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Missing Authorization via HTTP
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21526 MEDIUM
Oracle Primavera P6 EPM 20.12.1.0-23.12.10.0 - Cross-Site Request Forgery
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21525 MEDIUM
MySQL Server < 8.0.39 - Authenticated Denial of Service in DDL Component
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21524 CRITICAL
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Remote Code Execution via Monitoring and Diagnostics
Jan 21, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-21523 MEDIUM
MySQL Server < 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21522 MEDIUM
MySQL Server < 8.0.40 - Denial of Service in Parser
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21521 HIGH
MySQL Server < 8.0.39 - Unauthenticated Denial of Service in Thread Pooling
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21520 LOW
Oracle MySQL Server 8.0.40 and prior, 8.4.3 and prior, 9.1.0 and prior - Unauthorized Read Access via Server Options
Jan 21, 2025
CVSS 1.8
EPSS 0.00
CVE-2025-21519 MEDIUM
MySQL Server < 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in Privilege Handling
Jan 21, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-21518 MEDIUM
MySQL Server <= 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21517 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthorized Data Manipulation via Web Runtime SEC
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21516 HIGH
Oracle E-Business Suite 12.2.5-12.2.13 - Authenticated Incorrect Authorization in Service Requests
Jan 21, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-21515 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Authenticated Remote Code Execution via Web Runtime SEC
Jan 21, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-21514 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Read via Web Runtime SEC
Jan 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-21513 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Cross-Site Request Forgery
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21512 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Open Redirect in Web Runtime SEC
Jan 21, 2025
CVSS 6.1
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV