oracle

10,202 tracked vulnerabilities.

CVE-2021-39148 HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39147 HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39146 HIGH NUCLEI
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.50
CVE-2021-39145 HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-39144 HIGH KEVNUCLEI
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.94
CVE-2021-39141 HIGH NUCLEI
XStream < 1.4.18 - Remote Code Execution via Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.83
CVE-2021-39139 HIGH
XStream < 1.4.18 - Remote Code Execution via Untrusted Data Deserialization
Aug 23, 2021
CVSS 8.5
EPSS 0.01
CVE-2021-35940 HIGH
Apache Portable Runtime <1.7.0 - Info Disclosure
Aug 23, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-37750 MEDIUM
MIT Kerberos 5 < 1.18.5 and 1.19.x < 1.19.3 - NULL Pointer Dereference in KDC FAST Inner Body
Aug 23, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-37714 HIGH
jsoup < 1.14.2 - Denial of Service via Malicious HTML/XML Input
Aug 18, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-21781 LOW
Linux Kernel 5.4.54-5.4.66 - Information Disclosure via ARM SIGPAGE
Aug 18, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-32827 MEDIUM
MockServer - Code Execution via Overbroad CORS and Script Injection
Aug 16, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-22940 HIGH
Node.js <16.6.1, 14.17.5, 12.22.5 - Use After Free
Aug 16, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-22939 MEDIUM
Node.js 12.0.0-12.22.4 and 16.0.0-16.6.1 - Improper Certificate Validation
Aug 16, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-22931 CRITICAL
Node.js <16.6.0, 14.17.4, 12.22.4 - RCE
Aug 16, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-33193 HIGH
Apache HTTP Server <2.4.49 - SSRF
Aug 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-37695 HIGH
CKEditor < 4.16.2 - Stored Cross-Site Scripting via Fake Objects HTML Injection
Aug 13, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-32809 MEDIUM
CKEditor 4.5.2-4.16.1 - HTML Injection via Malformed Paste Content
Aug 12, 2021
CVSS 4.6
EPSS 0.00
CVE-2021-32808 HIGH
CKEditor 4.13.0-4.16.1 - Stored Cross-Site Scripting via Clipboard Widget Undo Feature
Aug 12, 2021
CVSS 7.6
EPSS 0.01
CVE-2021-38604 HIGH
GNU C Library < 2.34 - Null Pointer Dereference
Aug 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-36221 MEDIUM
Go <1.15.15, <1.16.7 - Panic
Aug 08, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-29923 HIGH
Go <1.17 - IP Address Access Control Bypass via Octal Parsing
Aug 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-22926 HIGH
libcurl-using applications < - Info Disclosure
Aug 05, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22925 MEDIUM
curl 7.7-7.77.0 - Exposure of Sensitive Information via TELNET NEW_ENV Option Parser
Aug 05, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-22924 LOW
libcurl 7.10.4-7.76.1 - Connection Reuse via Case-Insensitive Path Matching
Aug 05, 2021
CVSS 3.7
EPSS 0.01
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV