oracle

10,202 tracked vulnerabilities.

CVE-2022-24728 MEDIUM
CKEditor 4 < 4.18.0 - Stored Cross-Site Scripting via HTML Sanitization Bypass
Mar 16, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-23943 CRITICAL
Apache HTTP Server <2.4.52 - Memory Corruption
Mar 14, 2022
CVSS 9.8
EPSS 0.61
CVE-2022-22721 CRITICAL
Apache HTTP Server < 2.4.52 - Integer Overflow via Large Request Body Handling
Mar 14, 2022
CVSS 9.1
EPSS 0.13
CVE-2022-22720 CRITICAL
Apache HTTP Server < 2.4.52 - HTTP Request Smuggling via Inbound Connection Handling
Mar 14, 2022
CVSS 9.8
EPSS 0.27
CVE-2022-22719 HIGH
Apache HTTP Server <2.4.52 - Memory Corruption
Mar 14, 2022
CVSS 7.5
EPSS 0.30
CVE-2022-0002 MEDIUM
Intel Celeron N4000 and Atom Processors - Information Disclosure via Branch Predictor Sharing
Mar 11, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-0001 MEDIUM
Intel Atom and Celeron Processors - Information Disclosure via Branch Predictor Selector Sharing
Mar 11, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22946 MEDIUM
Spring Cloud Gateway - Improper Certificate Validation
Mar 04, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-0839 CRITICAL
liquibase < 4.8.0 - XML External Entity Injection
Mar 04, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-22947 CRITICAL KEVNUCLEI
Spring Cloud Gateway Remote Code Execution
Mar 03, 2022
CVSS 10.0
EPSS 0.94
CVE-2022-21716 HIGH
Twisted 21.7.0-22.1.0 - Denial of Service via SSH Version Identifier Buffer Overflow
Mar 03, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23308 HIGH
libxml2 < 2.9.13 - Use-After-Free in valid.c
Feb 26, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24329 MEDIUM
JetBrains Kotlin <1.6.0 - Info Disclosure
Feb 25, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21824 HIGH
Node.js 12.0.0-12.22.8 and 17.0.0-17.3.0 - Prototype Pollution via console.table() Properties Parameter
Feb 24, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-25636 HIGH
Linux Kernel 5.4-5.6.10 - Privilege Escalation via nf_dup_netdev Heap Out-of-Bounds Write
Feb 24, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24407 HIGH
Cyrus SASL 2.1.17-2.1.27 - SQL Injection via Unescaped Password in SQL Plugin
Feb 24, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-25315 CRITICAL
libexpat < 2.4.5 - Integer Overflow in storeRawNames
Feb 18, 2022
CVSS 9.8
EPSS 0.09
CVE-2022-25314 HIGH
libexpat < 2.4.5 - Integer Overflow in copyString
Feb 18, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25313 MEDIUM
libexpat < 2.4.5 - Denial of Service via DTD Element Nesting
Feb 18, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-23632 HIGH
Traefik < 2.6.1 - Improper Certificate Validation via FQDN Host Header
Feb 17, 2022
CVSS 7.4
EPSS 0.01
CVE-2022-25236 CRITICAL
libexpat < 2.4.5 - Namespace URI Injection via Namespace-Separator Character
Feb 16, 2022
CVSS 9.8
EPSS 0.09
CVE-2022-25235 CRITICAL
libexpat < 2.4.5 - Improper Encoding or Escaping of Output
Feb 16, 2022
CVSS 9.8
EPSS 0.12
CVE-2022-0391 HIGH
Python <3.10.0b1-3.6.14 - Code Injection
Feb 09, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-0286 MEDIUM
Linux Kernel - Denial of Service via Null Pointer Dereference in bond_ipsec_add_sa()
Jan 31, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-23181 HIGH
Apache Tomcat 8.5.55-8.5.73, 9.0.35-9.0.56, 10.0.0-M5-10.0.14, 10.1.0-M1-10.1.0-M8 - TOCTOU Race Condition in FileStore
Jan 27, 2022
CVSS 7.0
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV