oracle

10,202 tracked vulnerabilities.

CVE-2026-21957 HIGH
Oracle VM VirtualBox 7.1.14 and 7.2.4 - Privilege Escalation in Core Component
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21956 HIGH
Oracle VM VirtualBox 7.1.14 and 7.2.4 - Uncontrolled Resource Consumption
Jan 20, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-21955 HIGH
Oracle VM VirtualBox 7.1.14 and 7.2.4 - Uncontrolled Resource Consumption
Jan 20, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-21952 MEDIUM
MySQL Server 9.0.0-9.5.0 - Denial of Service in Parser
Jan 20, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-21951 MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.60-8.62 - Unauthenticated Cross-Site Scripting in Integration Broker
Jan 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-21950 MEDIUM
MySQL Server 9.0.0-9.5.0 - Authenticated Denial of Service in Optimizer
Jan 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21949 MEDIUM
MySQL Server 9.0.0-9.5.0 - Denial of Service in Optimizer
Jan 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21948 MEDIUM
MySQL Server 8.0.0-8.0.44, 8.4.0-8.4.7, 9.0.0-9.5.0 - Authenticated Denial of Service in Optimizer
Jan 20, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-21947 LOW
Oracle Java SE 8u471-b50 - Unauthenticated Cross-Site Scripting in JavaFX
Jan 20, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-21946 MEDIUM
Oracle JD Edwards EnterpriseOne Tools 9.2.0.0-9.2.26.0 - Unauthenticated Cross-Site Scripting in Web Runtime SEC
Jan 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-21945 HIGH
Oracle GraalVM and Java SE - Unauthenticated Denial of Service via Resource Consumption
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21944 MEDIUM
Oracle Agile Product Lifecycle Management for Process 6.2.4 - Cross-Site Scripting
Jan 20, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-21943 MEDIUM
Oracle Scripting 12.2.3-12.2.15 - Unauthenticated Cross-Site Scripting
Jan 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-21942 MEDIUM
Oracle Solaris 10 and 11 - Denial of Service in Filesystems
Jan 20, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-21941 MEDIUM
MySQL Server 8.0.0-8.0.44, 8.4.0-8.4.7, 9.0.0-9.5.0 - Authenticated Denial of Service in Optimizer
Jan 20, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-21940 HIGH
Oracle Agile PLM 9.3.6 - Unauthenticated Exposure of Sensitive Information via User and User Group Component
Jan 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21939 HIGH
Oracle Database Server <23.26.0 - SQL Injection
Jan 20, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-21938 MEDIUM
Oracle PeopleSoft <8.62 - Info Disclosure
Jan 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-21937 MEDIUM
MySQL Server 8.0.0-8.0.44, 8.4.0-8.4.7, 9.0.0-9.5.0 - Authenticated Denial of Service in Server: DDL
Jan 20, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-21936 MEDIUM
Oracle MySQL Server 8.0.0-8.0.44, 8.4.0-8.4.7, 9.0.0-9.5.0 - Authenticated Denial of Service in InnoDB
Jan 20, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-21935 MEDIUM
Oracle Solaris 11 - Privilege Escalation
Jan 20, 2026
CVSS 5.8
EPSS 0.00
CVE-2026-21934 MEDIUM
Oracle PeopleSoft <8.62 - Privilege Escalation
Jan 20, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-21933 MEDIUM
Oracle Java SE <25.0.1 - Networking
Jan 20, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-21932 HIGH
Oracle Java SE and GraalVM - Unauthenticated Data Manipulation via Multiple Protocols
Jan 20, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-21931 MEDIUM
Oracle APEX <24.2.1 - Info Disclosure
Jan 20, 2026
CVSS 5.4
EPSS 0.00
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV