oracle

10,202 tracked vulnerabilities.

CVE-2024-21261 MEDIUM
Oracle Application Express <24.1 - RCE
Oct 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-21260 HIGH
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Denial of Service via T3, IIOP
Oct 15, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21259 HIGH
Oracle VM VirtualBox < 7.0.22 - Authenticated Remote Code Execution
Oct 15, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21258 MEDIUM
Oracle E-Business Suite <12.2.15 - Info Disclosure
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21257 LOW
Oracle Hyperion BI+ <11.2.18.0 - Info Disclosure
Oct 15, 2024
CVSS 3.0
EPSS 0.00
CVE-2024-21255 HIGH
Oracle PeopleSoft Enterprise PeopleTools 8.59-8.61 - XML External Entity Injection in XMLPublisher
Oct 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21254 HIGH
Oracle BI Publisher 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0 - Missing Authorization via Web Server
Oct 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21253 LOW
Oracle VM VirtualBox < 7.0.22 - Authenticated Partial Denial of Service in Core
Oct 15, 2024
CVSS 2.3
EPSS 0.00
CVE-2024-21252 HIGH
Oracle Product Hub 12.2.3-12.2.13 - Missing Authorization in Item Catalog
Oct 15, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-21251 LOW
Oracle Database Server 19.3-19.24, 21.3-21.15, 23.4-23.5 - Authenticated Data Manipulation in Java VM
Oct 15, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-21250 HIGH
Oracle Process Manufacturing 12.2.13-12.2.14 Missing Authorization in Quality Manager
Oct 15, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-21249 MEDIUM
Oracle PeopleSoft Enterprise FIN Expenses 9.2 - Unauthorized Data Access via Expenses Component
Oct 15, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-21248 MEDIUM
Oracle VM VirtualBox < 7.0.22 - Authenticated Improper Access Control
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21247 LOW
MySQL Client <= 8.0.39, <= 8.4.2, <= 9.0.1 - Authenticated Improper Access Control in mysqldump
Oct 15, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-21246 HIGH
Oracle Service Bus 12.2.1.4.0 - Unauthenticated Missing Authorization via HTTP
Oct 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21244 LOW
MySQL Server <8.4.2, <9.0.1 - Info Disclosure
Oct 15, 2024
CVSS 2.2
EPSS 0.00
CVE-2024-21243 LOW
Oracle MySQL <8.4.2, <9.0.1 - Info Disclosure
Oct 15, 2024
CVSS 2.2
EPSS 0.00
CVE-2024-21242 LOW
Oracle XML Database 19.3-19.24, 21.3-21.15, 23.4-23.5 - Partial Denial of Service via HTTP
Oct 15, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-21241 MEDIUM
MySQL Server <= 8.0.39, <= 8.4.2, <= 9.0.1 - Authenticated Denial of Service in Optimizer
Oct 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-21239 MEDIUM
MySQL < 8.0.39, 8.4.2, 9.0.1 - Authenticated Denial of Service in InnoDB
Oct 15, 2024
CVSS 4.9
EPSS 0.01
CVE-2024-21238 MEDIUM
MySQL Server < 8.0.39, 8.4.1, 9.0.1 - Denial of Service in Thread Pooling
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21237 LOW
MySQL Server 8.0.0-8.0.39, 8.4.0-8.4.2, 9.0.0-9.0.1 - Authenticated Partial Denial of Service in Group Replication GCS
Oct 15, 2024
CVSS 2.2
EPSS 0.00
CVE-2024-21236 MEDIUM
MySQL Server <= 8.0.39, <= 8.4.2, <= 9.0.1 - Authenticated Denial of Service in InnoDB
Oct 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-21235 MEDIUM
Oracle Java SE <23 - Info Disclosure
Oct 15, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-21234 HIGH
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Missing Authorization via T3, IIOP
Oct 15, 2024
CVSS 7.5
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV