oracle

10,484 tracked vulnerabilities.

CVE-2025-21518 MEDIUM
MySQL Server <= 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21517 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthorized Data Manipulation via Web Runtime SEC
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-21516 HIGH
Oracle E-Business Suite 12.2.5-12.2.13 - Authenticated Incorrect Authorization in Service Requests
Jan 21, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-21515 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Authenticated Remote Code Execution via Web Runtime SEC
Jan 21, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-21514 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Read via Web Runtime SEC
Jan 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-21513 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Cross-Site Request Forgery
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21512 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Open Redirect in Web Runtime SEC
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-21511 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Access via Web Runtime SEC
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21510 HIGH
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Unauthenticated Unauthorized Data Access via Web Runtime SEC
Jan 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-21509 MEDIUM
Oracle JD Edwards Enterpriseone Tools < 9.2.9.0 - Resource Allocation Without Limits
Jan 21, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21508 MEDIUM
Oracle JD Edwards Enterpriseone Tools < 9.2.9.0 - Resource Allocation Without Limits
Jan 21, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21507 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Cross-Site Request Forgery in Web Runtime SEC
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-21506 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Technology Foundation
Jan 21, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-21505 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in Components Services
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21504 MEDIUM
MySQL Server < 8.0.39, <= 8.4.2, <= 9.0.1 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21503 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21502 MEDIUM
Oracle GraalVM - Incorrect Authorization
Jan 21, 2025
CVSS 4.8
EPSS 0.01
CVE-2025-21501 MEDIUM
MySQL Server < 8.0.40 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21500 MEDIUM
MySQL Server < 8.0.40, 8.4.3, 9.1.0 - Denial of Service in Optimizer
Jan 21, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-21499 MEDIUM
MySQL Server < 8.4.3 and 9.1.0 - Authenticated Denial of Service in DDL Component
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21498 MEDIUM
Oracle HTTP Server 12.2.1.4.0 - Unauthenticated Unauthorized Data Read via HTTP
Jan 21, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-21497 MEDIUM
MySQL Server < 8.0.40, 8.4.3 and prior, 9.1.0 and prior - Denial of Service and Unauthorized Data Manipulation in InnoDB
Jan 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-21495 MEDIUM
Oracle MySQL Enterprise Firewall <= 8.0.40, <= 8.4.3, 9.1.0 - Denial of Service
Jan 21, 2025
CVSS 4.4
EPSS 0.01
CVE-2025-21494 MEDIUM
MySQL Server < 8.0.39 - Authenticated Denial of Service in Privilege Management
Jan 21, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-21493 MEDIUM
MySQL Server < 8.4.3 and 9.1.0 - Denial of Service in Privilege Security Component
Jan 21, 2025
CVSS 4.4
EPSS 0.01