oracle

10,484 tracked vulnerabilities.

CVE-2025-21492 MEDIUM
MySQL Server 8.0.0-8.0.36 and 8.4.0 - Authenticated Denial of Service in Optimizer
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21491 MEDIUM
MySQL Server < 8.0.40 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21490 MEDIUM
MySQL Server <= 8.0.40, <= 8.4.3, 9.1.0 - Authenticated Denial of Service in InnoDB
Jan 21, 2025
CVSS 4.9
EPSS 0.01
CVE-2025-21489 MEDIUM
Oracle E-Business Suite 12.2.3-12.2.10 - Unauthenticated Cross-Site Request Forgery in Region Mapping
Jan 21, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-21245 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.9.0 - Authenticated Origin Validation Error via HTTP
Jan 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-9653 MEDIUM
Restaurant Menu - Food Ordering System <= 2.4.2 - Reflected XSS via Action Parameter
Nov 20, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21287 HIGH KEV
Oracle Agile PLM Framework 9.3.6 - Unauthenticated Incorrect Authorization in Software Development Kit
Nov 18, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21286 MEDIUM
Oracle PeopleSoft <9.2 - Info Disclosure
Oct 15, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-21285 HIGH
Oracle Banking Liquidity Management 14.5.0.12.0 - Incorrect Authorization in Reports
Oct 15, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-21284 HIGH
Oracle Banking Liquidity Management 14.5.0.12.0 - Incorrect Authorization in Reports
Oct 15, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-21283 HIGH
Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.48-9.2.50 - Incorrect Authorization via HTTP
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21282 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Incorrect Authorization in Common Components
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21281 MEDIUM
Oracle Banking Liquidity Management 14.7.0.6.0 - HTTP Request Smuggling
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21280 HIGH
Oracle Service Contracts 12.2.5-12.2.13 - Unauthorized Data Access and Modification in Authoring Component
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21279 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Auctions
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21278 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Unauthorized Data Access and Modification in Award Processes
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21277 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Device Integration
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21276 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Messages Component
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21275 HIGH
Oracle E-Business Suite 12.2.7-12.2.13 - Authenticated Incorrect Authorization in User Interface
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21274 HIGH
Oracle WebLogic Server 12.2.1.4.0-14.1.1.0.0 - Unauthenticated Denial of Service via HTTP
Oct 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21273 MEDIUM
Oracle VM VirtualBox <7.0.22-7.1.2 - Privilege Escalation
Oct 15, 2024
CVSS 6.0
EPSS 0.01
CVE-2024-21272 HIGH
MySQL Connector/Python <= 9.0.0 - Authenticated Remote Takeover via Multiple Protocols
Oct 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21271 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Incorrect Authorization in Field Service Engineer Portal
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21270 HIGH
Oracle E-Business Suite 12.2.6-12.2.13 - Authenticated Incorrect Authorization in Tasks Component
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21269 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Compensation Plan
Oct 15, 2024
CVSS 8.1
EPSS 0.00