oracle

10,202 tracked vulnerabilities.

CVE-2022-24891 MEDIUM
OWASP Enterprise Security API < 2.3.0.0 - Cross-Site Scripting via antisamy-esapi.xml onsiteURL Regex
Apr 27, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-24736 LOW
Redis <6.2.7 & <7.0.0 - NULL Pointer Dereference
Apr 27, 2022
CVSS 3.3
EPSS 0.02
CVE-2022-24735 LOW
Redis <7.0.0-6.2.7 - Code Injection
Apr 27, 2022
CVSS 3.9
EPSS 0.02
CVE-2022-23457 HIGH
OWASP Enterprise Security API < 2.3.0.0 - Path Traversal via Validator.getValidDirectoryPath
Apr 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-29577 MEDIUM
OWASP AntiSamy < 1.6.7 - Cross-Site Scripting via HTML Tag Smuggling in STYLE Content
Apr 21, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-22969 MEDIUM
Spring Security OAuth 2.5.x < 2.5.2 - Denial of Service via Authorization Request Flooding
Apr 21, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-21498 MEDIUM
Oracle Database 12.1.0.2, 19c, 21c - Authenticated Data Manipulation in Java VM
Apr 19, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-21497 HIGH
Oracle Web Services Manager <12.2.1.4.0 - Unauthenticated RCE
Apr 19, 2022
CVSS 8.1
EPSS 0.02
CVE-2022-21496 MEDIUM
Oracle GraalVM & Java SE - Unauthenticated Data Manipulation via JNDI
Apr 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21494 MEDIUM
Oracle Solaris 11 - Denial of Service in Kernel
Apr 19, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-21493 MEDIUM
Oracle Solaris 11 - Denial of Service via Kernel Component
Apr 19, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-21492 MEDIUM
Oracle Fusion Middleware 5.9.0.0.0 - Info Disclosure
Apr 19, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-21491 HIGH
Oracle VM VirtualBox < 6.1.34 - Authenticated Remote Code Execution
Apr 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-21490 MEDIUM
Oracle MySQL <7.4.35, 7.5.25, 7.6.21, 8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.43
CVE-2022-21489 MEDIUM
Oracle MySQL <7.4.35, 7.5.25, 7.6.21, 8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.09
CVE-2022-21488 LOW
Oracle VM VirtualBox <6.1.34 - Privilege Escalation
Apr 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-21487 LOW
Oracle VM VirtualBox < 6.1.34 - Unauthorized Data Read Access
Apr 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-21486 LOW
MySQL Cluster <= 7.4.35, <= 7.5.25, <= 7.6.21, <= 8.0.28 - Unauthorized Read Access and Partial Denial of Service
Apr 19, 2022
CVSS 2.9
EPSS 0.00
CVE-2022-21485 LOW
MySQL Cluster <= 7.4.35, <= 7.5.25, <= 7.6.21, <= 8.0.28 - Unauthorized Read Access and Partial Denial of Service
Apr 19, 2022
CVSS 2.9
EPSS 0.00
CVE-2022-21484 LOW
Oracle MySQL Cluster <= 7.4.35, <= 7.5.25, <= 7.6.21, <= 8.0.28 - Unauthorized Read Access and Partial Denial of Service
Apr 19, 2022
CVSS 2.9
EPSS 0.00
CVE-2022-21483 MEDIUM
Oracle MySQL <7.4.35, 7.5.25, 7.6.21, 8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.13
CVE-2022-21482 MEDIUM
Oracle MySQL <8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.13
CVE-2022-21481 MEDIUM
Oracle PeopleSoft 9.2 - Info Disclosure
Apr 19, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-21480 MEDIUM
Oracle Transportation Management <6.5.1 - Unauthenticated RCE
Apr 19, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-21479 MEDIUM
MySQL Server < 8.0.28 - Authenticated Denial of Service and Information Disclosure in Optimizer
Apr 19, 2022
CVSS 5.5
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV