oracle

10,202 tracked vulnerabilities.

CVE-2021-2137 HIGH
Oracle Enterprise Manager <13.5.0.0 - RCE
Oct 20, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-42739 MEDIUM
Linux kernel < 5.14.13 - Out-of-bounds Write in Firewire Subsystem
Oct 20, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-37137 HIGH
Netty < 4.1.68 - Uncontrolled Resource Consumption via Snappy Frame Decoder
Oct 19, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-37136 HIGH
Netty < 4.1.68 - Denial of Service via Bzip2 Decompression OOME
Oct 19, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-42575 CRITICAL
OWASP Java HTML Sanitizer <20211018.1 - XSS
Oct 18, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-42340 HIGH
Apache Tomcat 8.5.60-8.5.71, 9.0.40-9.0.53, 10.0.0-M1-10.0.11, 10.1.0-M1-10.1.0-M5 Memory Leak via WebSocket
Oct 14, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-42013 CRITICAL KEVNUCLEI
Apache HTTP Server 2.4.49-2.4.50 - Path Traversal and Remote Code Execution via Alias-like Directives
Oct 07, 2021
CVSS 9.8
EPSS 0.94
CVE-2021-20264 HIGH
OpenJDK - Privilege Escalation via /etc/passwd Modification
Oct 06, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-41773 CRITICAL KEVNUCLEI
Apache 2.4.49/2.4.50 Traversal RCE
Oct 05, 2021
CVSS 9.8
EPSS 0.94
CVE-2021-41524 HIGH
Apache HTTP Server 2.4.49 - Denial of Service via HTTP/2 Request Processing
Oct 05, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-41099 HIGH
Redis <6.2.6/<6.0.16/<5.0.14 - Heap Corruption via proto-max-bulk-len
Oct 04, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-32762 HIGH
Redis 5.0.0-5.0.13 - Integer Overflow in Multi-Bulk Reply Parsing
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32687 HIGH
Redis <6.2.6/<6.0.16/<5.0.14 - Heap Corruption via set-max-intset-entries
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32675 HIGH
Redis 5.0.0-5.0.13 - Unauthenticated Denial of Service via RESP Request Memory Allocation
Oct 04, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-32672 MEDIUM
Redis <6.2.6-5.0.14 - Use After Free
Oct 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-32628 HIGH
Redis 5.0.0-5.0.13 - Remote Code Execution via Ziplist Integer Overflow
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32627 HIGH
Redis 5.0.0-5.0.13 - Remote Code Execution via Integer Overflow in Stream Elements
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32626 HIGH
Redis 2.6-5.0.13 - Heap-based Buffer Overflow via Lua Script Execution
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-21705 MEDIUM
PHP 7.3.0-7.3.28 - Improper Input Validation in filter_var URL Validation
Oct 04, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-22947 MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-22946 HIGH
curl >=7.20.0-7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41617 HIGH
OpenSSH 6.2-8.x - Privilege Escalation via AuthorizedKeysCommand and AuthorizedPrincipalsCommand Helper Programs
Sep 26, 2021
CVSS 7.0
EPSS 0.00
CVE-2021-2464 HIGH
Oracle Linux 7 and 8 - Authenticated Remote Code Execution in OSwatcher
Sep 24, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22945 CRITICAL
libcurl <= 7.73.0, 7.78.0 - Use After Free
Sep 23, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-38153 MEDIUM
Apache Kafka <2.8.1-2.8.0 - Timing Attack
Sep 22, 2021
CVSS 5.9
EPSS 0.02
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV