oracle

10,484 tracked vulnerabilities.

CVE-2024-21268 HIGH
Oracle E-Business Suite 12.2.11-12.2.13 - Incorrect Authorization in Oracle Applications Manager Diagnostics
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21267 HIGH
Oracle E-Business Suite 12.2.12-12.2.13 - Authenticated Incorrect Authorization in Cost Planning
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21266 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Price List
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21265 HIGH
Oracle E-Business Suite 12.2.3-12.2.13 - Authenticated Incorrect Authorization in Site Hierarchy Flows
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21264 MEDIUM
Oracle PeopleSoft 9.2 - Unauthorized Update
Oct 15, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-21263 MEDIUM
Oracle VM VirtualBox < 7.0.22 - Denial of Service and Unauthorized Data Read
Oct 15, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-21262 MEDIUM
MySQL Connectors <= 9.0.0 - Unauthenticated Incorrect Authorization
Oct 15, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-21261 MEDIUM
Oracle Application Express <24.1 - RCE
Oct 15, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-21260 HIGH
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Denial of Service via T3, IIOP
Oct 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21259 HIGH
Oracle VM VirtualBox < 7.0.22 - Authenticated Remote Code Execution
Oct 15, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21258 MEDIUM
Oracle E-Business Suite <12.2.15 - Info Disclosure
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21257 LOW
Oracle Hyperion BI+ <11.2.18.0 - Info Disclosure
Oct 15, 2024
CVSS 3.0
EPSS 0.00
CVE-2024-21255 HIGH
Oracle PeopleSoft Enterprise PeopleTools 8.59-8.61 - XML External Entity Injection in XMLPublisher
Oct 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21254 HIGH
Oracle BI Publisher 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0 - Missing Authorization via Web Server
Oct 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21253 LOW
Oracle VM VirtualBox < 7.0.22 - Authenticated Partial Denial of Service in Core
Oct 15, 2024
CVSS 2.3
EPSS 0.00
CVE-2024-21252 HIGH
Oracle Product Hub 12.2.3-12.2.13 - Missing Authorization in Item Catalog
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21251 LOW
Oracle Database Server 19.3-19.24, 21.3-21.15, 23.4-23.5 - Authenticated Data Manipulation in Java VM
Oct 15, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-21250 HIGH
Oracle Process Manufacturing 12.2.13-12.2.14 Missing Authorization in Quality Manager
Oct 15, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-21249 MEDIUM
Oracle PeopleSoft Enterprise FIN Expenses 9.2 - Unauthorized Data Access via Expenses Component
Oct 15, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-21248 MEDIUM
Oracle VM VirtualBox < 7.0.22 - Authenticated Improper Access Control
Oct 15, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21247 LOW
MySQL Client <= 8.0.39, <= 8.4.2, <= 9.0.1 - Authenticated Improper Access Control in mysqldump
Oct 15, 2024
CVSS 3.8
EPSS 0.01
CVE-2024-21246 HIGH
Oracle Service Bus 12.2.1.4.0 - Unauthenticated Missing Authorization via HTTP
Oct 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21244 LOW
MySQL Server <8.4.2, <9.0.1 - Info Disclosure
Oct 15, 2024
CVSS 2.2
EPSS 0.01
CVE-2024-21243 LOW
Oracle MySQL <8.4.2, <9.0.1 - Info Disclosure
Oct 15, 2024
CVSS 2.2
EPSS 0.01
CVE-2024-21242 LOW
Oracle XML Database 19.3-19.24, 21.3-21.15, 23.4-23.5 - Partial Denial of Service via HTTP
Oct 15, 2024
CVSS 3.5
EPSS 0.00