oracle
10,202 tracked vulnerabilities.
CVE-2021-40690
HIGH
Apache Santuario XML Security for Java < 2.1.7 - Sensitive Information Exposure via XPath Transform
Sep 19, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41303
CRITICAL
Apache Shiro < 1.8.0 - Authentication Bypass via Spring Boot Integration
Sep 17, 2021
CVSS 9.8
EPSS 0.49
CVE-2021-3807
HIGH
ansi-regex - Inefficient Regular Expression Complexity
Sep 17, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-40438
CRITICAL
KEV
NUCLEI
Apache HTTP Server <2.4.48 - SSRF
Sep 16, 2021
CVSS 9.0
EPSS 0.94
CVE-2021-39275
CRITICAL
Apache HTTP Server < 2.4.49 - Out-of-bounds Write in ap_escape_quotes()
Sep 16, 2021
CVSS 9.8
EPSS 0.38
CVE-2021-36160
HIGH
Apache HTTP Server 2.4.30-2.4.48 - Denial of Service via mod_proxy_uwsgi URI Path
Sep 16, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-34798
HIGH
Apache HTTP Server < 2.4.48 - NULL Pointer Dereference
Sep 16, 2021
CVSS 7.5
EPSS 0.10
CVE-2021-23440
HIGH
set-value < 2.0.1 and 3.0.0-4.0.1 - Type Confusion via Array Path Parameter
Sep 12, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-3634
MEDIUM
libssh < 0.9.6 - Out-of-bounds Write via Session ID Buffer Handling
Aug 31, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-39135
HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Symbolic Link Following
Aug 31, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-39134
HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Case-Insensitive Dependency Resolution
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-37713
HIGH
npmjs/tar < 4.4.18 - Arbitrary File Creation/Overwrite and Code Execution via Path Traversal
Aug 31, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-37712
HIGH
tar < 4.4.18, 5.0.10, 6.1.9 - Arbitrary File Creation and Overwrite via Unicode Normalization Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-37701
HIGH
npmjs/tar < 4.4.16 - Arbitrary File Creation and Overwrite via Symlink Directory Cache Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-3749
HIGH
axios <0.21.2 - Denial of Service via Inefficient Regular Expression
Aug 31, 2021
CVSS 7.5
EPSS 0.09
CVE-2021-3712
HIGH
OpenSSL 1.0.2-1.0.2y, 1.1.1-1.1.1k - Out-of-bounds Read in ASN.1 String Processing
Aug 24, 2021
CVSS 7.4
EPSS 0.00
CVE-2021-3711
CRITICAL
OpenSSL 1.1.1-1.1.1k - Buffer Overflow in SM2 Decryption
Aug 24, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-36690
HIGH
SQLite 3.36.0 - Denial of Service via idxGetTableInfo Function
Aug 24, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-39152
HIGH
NUCLEI
XStream < 1.4.18 - Remote Code Execution via Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.62
CVE-2021-39150
HIGH
Oracle Utilities Framework < 1.4.18 - SSRF
Aug 23, 2021
CVSS 8.5
EPSS 0.02
CVE-2021-39140
MEDIUM
XStream < 1.4.18 - Denial of Service via CPU Exhaustion
Aug 23, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-39154
HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39153
HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39151
HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39149
HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
Products
mysql 1,329
jre 798
jdk 786
solaris 553
database_server 513
vm_virtualbox 417
peoplesoft_enterprise_peopletools 352
e-business_suite 330
fusion_middleware 313
weblogic_server 307
mysql_server 277
linux 229
application_server 198
outside_in_technology 195
graalvm 187
peoplesoft_products 158
jd_edwards_enterpriseone_tools 150
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
enterprise_manager_base_platform 120
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
webcenter_portal 90
financial_services_analytical_applications_infrastructure 89