oracle

10,484 tracked vulnerabilities.

CVE-2024-20962 MEDIUM
MySQL Server < 8.0.35 and 8.2.0 - Denial of Service in Optimizer
Feb 17, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-20960 MEDIUM
MySQL Server < 8.0.35 - Authenticated Denial of Service in RAPID Component
Feb 17, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-20958 MEDIUM
Oracle E-Business Suite - Info Disclosure
Feb 17, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-20956 HIGH
Oracle Agile PLM for Process < 6.2.4.2 - Unauthenticated DoS and Data Manipulation via HTTP
Feb 17, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-20953 HIGH KEV
Oracle Agile PLM 9.3.6 - Authenticated Remote Code Execution via Export Component Deserialization
Feb 17, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-20951 MEDIUM
Oracle Customer Interaction History 12.2.3-12.2.13 - Unauthenticated Improper Access Control in Outcome-Result Component
Feb 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-20949 MEDIUM
Oracle Customer Interaction History 12.2.3-12.2.13 - Unauthenticated Out-of-bounds Read in Outcome-Result
Feb 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-20947 MEDIUM
Oracle E-Business Suite - CRM User Management Framework - Info Disc...
Feb 17, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-20945 MEDIUM
Oracle Java SE <21.0.1 - Info Disclosure
Feb 17, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-20943 MEDIUM
Oracle Knowledge Management 12.2.3-12.2.13 - Improper Authorization via HTTP
Feb 17, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-20941 MEDIUM
Oracle Installed Base 12.2.3-12.2.13 - Unauthenticated Out-of-bounds Read via HTML UI
Feb 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-20939 MEDIUM
Oracle CRM Technical Foundation 12.2.3-12.2.13 - Authenticated Partial Denial of Service via Admin Console
Feb 17, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-20937 MEDIUM
Oracle JD Edwards EnterpriseOne Tools < 9.2.8.1 - Unauthorized Data Access via Monitoring and Diagnostics SEC
Feb 17, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-20935 MEDIUM
Oracle E-Business Suite <12.2.13 - Info Disclosure
Feb 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-20933 MEDIUM
Oracle Installed Base 12.2.3-12.2.13 - Unauthenticated Cross-Site Request Forgery in Engineering Change Order
Feb 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-20931 HIGH
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Unauthorized Data Access via T3/IIOP
Feb 17, 2024
CVSS 7.5
EPSS 0.60
CVE-2024-20929 MEDIUM
Oracle Application Object Library 12.2.3-12.2.13 - Unauthenticated Improper Access Control via DB Privileges
Feb 17, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-20927 HIGH
Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 - Unauthenticated Improper Access Control via HTTP
Feb 17, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-20925 LOW
Oracle Java SE <8u391, Oracle GraalVM EE <21.3.8 - Info Disclosure
Feb 17, 2024
CVSS 3.1
EPSS 0.01
CVE-2024-20923 LOW
Oracle Java SE <8u391, Oracle GraalVM EE <21.3.8 - Info Disclosure
Feb 17, 2024
CVSS 3.1
EPSS 0.01
CVE-2024-20921 MEDIUM
Oracle GraalVM and JDK - Unauthenticated Unauthorized Data Access via Hotspot Component
Feb 17, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-20919 MEDIUM
Oracle Java SE <21.0.1 - Info Disclosure
Feb 17, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-20917 HIGH
Oracle Enterprise Manager Base Platform 13.5.0.0 - Unauthenticated Data Access and Partial DoS via Log Management
Feb 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-20915 MEDIUM
Oracle Application Object Library 12.2.3-12.2.13 - Unauthenticated Partial Denial of Service via HTTP Request Smuggling
Feb 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-20913 MEDIUM
Oracle Analytics <12.2.1.4.0 - Info Disclosure
Feb 17, 2024
CVSS 5.4
EPSS 0.00