oracle
10,202 tracked vulnerabilities.
CVE-2022-21508
MEDIUM
Oracle Essbase 21.3 - Privilege Escalation
Jul 19, 2022
CVSS 5.8
EPSS 0.00
CVE-2022-21455
MEDIUM
Oracle MySQL <8.0.28 - Privilege Escalation
Jul 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21439
MEDIUM
Oracle Solaris 10 and 11 - Denial of Service in Kernel
Jul 19, 2022
CVSS 4.2
EPSS 0.00
CVE-2022-21432
LOW
Oracle Database 12.1.0.2, 19c, 21c - Authenticated Partial Denial of Service via Oracle Net
Jul 19, 2022
CVSS 2.7
EPSS 0.00
CVE-2022-21429
HIGH
Oracle Communications Billing and Revenue Management <12.0.0.6.0 - RCE
Jul 19, 2022
CVSS 8.1
EPSS 0.03
CVE-2022-21428
MEDIUM
Oracle FLEXCUBE Universal Banking 12.1-12.4, 14.0-14.3, 14.5 - Unauthorized Data Access and DoS via HTTP
Jul 19, 2022
CVSS 6.7
EPSS 0.01
CVE-2022-34169
HIGH
Apache Xalan <2.7.3 - Code Injection
Jul 19, 2022
CVSS 7.5
EPSS 0.11
CVE-2022-21503
MEDIUM
Oracle Cloud Infrastructure - Confidentiality Impact
Jun 17, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-21504
MEDIUM
Oracle Linux UEK6 U3 - Use-After-Free in Socket File Descriptor Handling
Jun 14, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25845
HIGH
fastjson < 1.2.83 - Deserialization of Untrusted Data via autoType Bypass
Jun 10, 2022
CVSS 8.1
EPSS 0.89
CVE-2022-21499
MEDIUM
Oracle Linux - Out-of-bounds Write in KGDB and KDB
Jun 09, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-27778
HIGH
cURL - Use of Incorrectly Resolved Name
Jun 02, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-21500
HIGH
NUCLEI
Oracle E-Business Suite 12.2 - Unauthorized Access
May 20, 2022
CVSS 7.5
EPSS 0.94
CVE-2022-22978
CRITICAL
Spring Security < 5.5.7 - Authorization Bypass via RegexRequestMatcher Misconfiguration
May 19, 2022
CVSS 9.8
EPSS 0.90
CVE-2022-22976
MEDIUM
Spring Security 5.5.x < 5.5.7 and 5.6.x < 5.6.4 - Integer Overflow in BCrypt Work Factor
May 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-30126
MEDIUM
Apache Tika < 1.28.2 - Denial of Service via StandardsExtractingContentHandler
May 16, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-25169
MEDIUM
Apache Tika < 1.28.2 - Denial of Service via BPG Parser
May 16, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25762
HIGH
Apache Tomcat 8.5.0-8.5.75 and 9.0.0.M1-9.0.20 - Improper Resource Shutdown or Release in WebSocket Connection Handling
May 13, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-22971
MEDIUM
Spring Framework 5.2.0-5.2.20 and 5.3.0-5.3.19 - Authenticated Denial of Service via STOMP over WebSocket
May 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22970
MEDIUM
Spring Framework < 5.2.22 - Denial of Service via File Upload Data Binding
May 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-29885
HIGH
Apache Tomcat 8.5.38-8.5.78 and 10.1.0-M1-10.1.0-M14 - Denial of Service via EncryptInterceptor
May 12, 2022
CVSS 7.5
EPSS 0.56
CVE-2022-24823
MEDIUM
Netty < 4.1.77 - Local Information Disclosure via Temporary File Permissions
May 06, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-1292
HIGH
Siemens Brownfield Connectivity Gateway < 2.15 - OS Command Injection
May 03, 2022
CVSS 7.3
EPSS 0.41
CVE-2022-29824
MEDIUM
libxml2 < 2.9.14 - Integer Overflow via Buffer Handling Functions
May 03, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-25647
HIGH
Gson < 2.8.9 - Denial of Service via Untrusted Data Deserialization
May 01, 2022
CVSS 7.7
EPSS 0.03
Products
mysql 1,329
jre 798
jdk 786
solaris 553
database_server 513
vm_virtualbox 417
peoplesoft_enterprise_peopletools 352
e-business_suite 330
fusion_middleware 313
weblogic_server 307
mysql_server 277
linux 229
application_server 198
outside_in_technology 195
graalvm 187
peoplesoft_products 158
jd_edwards_enterpriseone_tools 150
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
enterprise_manager_base_platform 120
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
webcenter_portal 90
financial_services_analytical_applications_infrastructure 89