oracle

10,202 tracked vulnerabilities.

CVE-2025-21511 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Access via Web Runtime SEC
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21510 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Access via Web Runtime SEC
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21509 MEDIUM
Oracle JD Edwards Enterpriseone Tools < 9.2.9.0 - Resource Allocation Without Limits
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21508 MEDIUM
Oracle JD Edwards Enterpriseone Tools < 9.2.9.0 - Resource Allocation Without Limits
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21507 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Cross-Site Request Forgery in Web Runtime SEC
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21506 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Technology Foundation
Jan 21, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-21505 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in Components Services
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21504 MEDIUM
MySQL Server < 8.0.39, <= 8.4.2, <= 9.0.1 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21503 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21502 MEDIUM
Oracle GraalVM - Incorrect Authorization
Jan 21, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-21501 MEDIUM
MySQL Server < 8.0.40 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21500 MEDIUM
MySQL Server < 8.0.40, 8.4.3, 9.1.0 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-21499 MEDIUM
MySQL Server < 8.4.3 and 9.1.0 - Authenticated Denial of Service in DDL Component
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21498 MEDIUM
Oracle HTTP Server 12.2.1.4.0 - Unauthenticated Unauthorized Data Read via HTTP
Jan 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-21497 MEDIUM
MySQL Server < 8.0.40, 8.4.3 and prior, 9.1.0 and prior - Denial of Service and Unauthorized Data Manipulation in InnoDB
Jan 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21495 MEDIUM
Oracle MySQL Enterprise Firewall <= 8.0.40, <= 8.4.3, 9.1.0 - Denial of Service
Jan 21, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-21494 MEDIUM
MySQL Server < 8.0.39 - Authenticated Denial of Service in Privilege Management
Jan 21, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-21493 MEDIUM
MySQL Server < 8.4.3 and 9.1.0 - Denial of Service in Privilege Security Component
Jan 21, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-21492 MEDIUM
MySQL Server 8.0.0-8.0.36 and 8.4.0 - Authenticated Denial of Service in Optimizer
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21491 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21490 MEDIUM
MySQL Server <= 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-21489 MEDIUM
Oracle E-Business Suite 12.2.3-12.2.10 - Unauthenticated Cross-Site Request Forgery in Region Mapping
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-21245 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Authenticated Origin Validation Error via HTTP
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-9653 MEDIUM
Restaurant Menu - Food Ordering System <= 2.4.2 - Reflected XSS via Action Parameter
Nov 20, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-21287 HIGH KEV
Oracle Agile PLM Framework 9.3.6 - Unauthenticated Incorrect Authorization in Software Development Kit
Nov 18, 2024
CVSS 7.5
EPSS 0.70
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV