oracle
10,484 tracked vulnerabilities.
CVE-2022-22971
MEDIUM
Spring Framework 5.2.0-5.2.20 and 5.3.0-5.3.19 - Authenticated Denial of Service via STOMP over WebSocket
May 12, 2022
CVSS 6.5
EPSS 0.03
CVE-2022-22970
MEDIUM
Spring Framework < 5.2.22 - Denial of Service via File Upload Data Binding
May 12, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-29885
HIGH
Apache Tomcat 8.5.38-8.5.78 and 10.1.0-M1-10.1.0-M14 - Denial of Service via EncryptInterceptor
May 12, 2022
CVSS 7.5
EPSS 0.73
CVE-2022-24823
MEDIUM
Netty < 4.1.77 - Local Information Disclosure via Temporary File Permissions
May 06, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-1292
HIGH
Siemens Brownfield Connectivity Gateway < 2.15 - OS Command Injection
May 03, 2022
CVSS 7.3
EPSS 0.83
CVE-2022-29824
MEDIUM
libxml2 < 2.9.14 - Integer Overflow via Buffer Handling Functions
May 03, 2022
CVSS 6.5
EPSS 0.04
CVE-2022-25647
HIGH
Gson < 2.8.9 - Denial of Service via Untrusted Data Deserialization
May 01, 2022
CVSS 7.7
EPSS 0.12
CVE-2022-24891
MEDIUM
OWASP Enterprise Security API < 2.3.0.0 - Cross-Site Scripting via antisamy-esapi.xml onsiteURL Regex
Apr 27, 2022
CVSS 5.4
EPSS 0.02
CVE-2022-24736
LOW
Redis <6.2.7 & <7.0.0 - NULL Pointer Dereference
Apr 27, 2022
CVSS 3.3
EPSS 0.01
CVE-2022-24735
LOW
Redis <7.0.0-6.2.7 - Code Injection
Apr 27, 2022
CVSS 3.9
EPSS 0.02
CVE-2022-23457
HIGH
OWASP Enterprise Security API < 2.3.0.0 - Path Traversal via Validator.getValidDirectoryPath
Apr 25, 2022
CVSS 7.5
EPSS 0.03
CVE-2022-29577
MEDIUM
OWASP AntiSamy < 1.6.7 - Cross-Site Scripting via HTML Tag Smuggling in STYLE Content
Apr 21, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-22969
MEDIUM
Spring Security OAuth 2.5.x < 2.5.2 - Denial of Service via Authorization Request Flooding
Apr 21, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-21498
MEDIUM
Oracle Database 12.1.0.2, 19c, 21c - Authenticated Data Manipulation in Java VM
Apr 19, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-21497
HIGH
Oracle Web Services Manager <12.2.1.4.0 - Unauthenticated RCE
Apr 19, 2022
CVSS 8.1
EPSS 0.02
CVE-2022-21496
MEDIUM
Oracle GraalVM & Java SE - Unauthenticated Data Manipulation via JNDI
Apr 19, 2022
CVSS 5.3
EPSS 0.03
CVE-2022-21494
MEDIUM
Oracle Solaris 11 - Denial of Service in Kernel
Apr 19, 2022
CVSS 4.0
EPSS 0.00
CVE-2022-21493
MEDIUM
Oracle Solaris 11 - Denial of Service via Kernel Component
Apr 19, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-21492
MEDIUM
Oracle Fusion Middleware 5.9.0.0.0 - Info Disclosure
Apr 19, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-21491
HIGH
Oracle VM VirtualBox < 6.1.34 - Authenticated Remote Code Execution
Apr 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-21490
MEDIUM
Oracle MySQL <7.4.35, 7.5.25, 7.6.21, 8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.79
CVE-2022-21489
MEDIUM
Oracle MySQL <7.4.35, 7.5.25, 7.6.21, 8.0.28 - Privilege Escalation
Apr 19, 2022
CVSS 6.3
EPSS 0.79
CVE-2022-21488
LOW
Oracle VM VirtualBox <6.1.34 - Privilege Escalation
Apr 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-21487
LOW
Oracle VM VirtualBox < 6.1.34 - Unauthorized Data Read Access
Apr 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-21486
LOW
MySQL Cluster <= 7.4.35, <= 7.5.25, <= 7.6.21, <= 8.0.28 - Unauthorized Read Access and Partial Denial of Service
Apr 19, 2022
CVSS 2.9
EPSS 0.02
Products
mysql 1,329
jre 799
jdk 787
solaris 555
database_server 516
vm_virtualbox 427
peoplesoft_enterprise_peopletools 355
e-business_suite 337
weblogic_server 322
fusion_middleware 313
mysql_server 278
linux 229
application_server 198
outside_in_technology 195
graalvm 188
jd_edwards_enterpriseone_tools 164
peoplesoft_products 158
enterprise_manager_base_platform 135
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
webcenter_portal 100
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
financial_services_analytical_applications_infrastructure 90
Quick Filters