oracle

10,484 tracked vulnerabilities.

CVE-2021-4104 HIGH
Apache Log4j 1.2 - Remote Code Execution via JMSAppender JNDI Requests
Dec 14, 2021
CVSS 7.5
EPSS 0.81
CVE-2021-43818 HIGH
lxml < 4.6.5 - Cross-Site Scripting via HTML Cleaner Bypass
Dec 13, 2021
CVSS 8.2
EPSS 0.02
CVE-2021-43797 MEDIUM
Netty <4.1.71.Final - HTTP Request Smuggling
Dec 09, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-43527 CRITICAL
NSS <3.73-3.68.1 ESR - Buffer Overflow
Dec 08, 2021
CVSS 9.8
EPSS 0.18
CVE-2021-42717 HIGH
OWASP ModSecurity 2.8.0-2.9.4 and 3.0.0-3.0.5 - Denial of Service via Excessively Nested JSON Objects
Dec 07, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-41165 HIGH
CKEditor < 4.17.0 - Stored Cross-Site Scripting via Malformed HTML Comment Bypass
Nov 17, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-41164 HIGH
CKEditor 4 < 4.17.0 - Stored Cross-Site Scripting via Advanced Content Filter Bypass
Nov 17, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-43976 MEDIUM
Linux Kernel < 5.15.2 - Denial of Service via Crafted USB Device in mwifiex_usb_recv
Nov 17, 2021
CVSS 4.6
EPSS 0.01
CVE-2021-22959 MEDIUM
llhttp < 2.1.4 - HTTP Request Smuggling via Header Name Parsing
Nov 15, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-3572 MEDIUM
pip < 21.1 - Remote Revision Manipulation via Unicode Separator Handling
Nov 10, 2021
CVSS 5.7
EPSS 0.02
CVE-2021-41772 HIGH
GO < 1.16.10 - Improper Input Validation
Nov 08, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-43396 HIGH
GNU C Library 2.34 - Info Disclosure
Nov 04, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-43389 MEDIUM
Linux kernel <5.14.15 - Memory Corruption
Nov 04, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-22960 MEDIUM
llhttp < 2.1.4 and < 6.0.6 - HTTP Request Smuggling via Chunk Extension Parsing
Nov 03, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-41973 MEDIUM
Apache MINA < 2.0.22 - Denial of Service via Malformed HTTP Request
Nov 01, 2021
CVSS 6.5
EPSS 0.04
CVE-2021-22096 MEDIUM
Spring Framework <5.3.11-<5.2.18 - Info Disclosure
Oct 28, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-25219 MEDIUM
BIND 9.3.0-9.17.18 - Denial of Service via Lame Cache Exploitation
Oct 27, 2021
CVSS 5.3
EPSS 0.08
CVE-2021-41184 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Position Utility 'of' Option
Oct 26, 2021
CVSS 6.5
EPSS 0.45
CVE-2021-41183 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker Widget *Text Options
Oct 26, 2021
CVSS 6.5
EPSS 0.08
CVE-2021-41182 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker altField Option
Oct 26, 2021
CVSS 6.5
EPSS 0.42
CVE-2021-21703 HIGH
PHP 7.3.x<=7.3.31 7.4.x<7.4.25 8.0.x<8.0.12 - Privilege Escalation via FPM Shared Memory
Oct 25, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-35666 MEDIUM
Oracle HTTP Server <11.1.1.9.0 - Confidentiality Impact
Oct 20, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-35665 MEDIUM
Oracle Hyperion 11.2.6.0 - Info Disclosure
Oct 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-35662 HIGH
Oracle Outside In Tech <8.5.5 - DoS
Oct 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-35661 HIGH
Oracle Outside In Tech <8.5.5 - DoS
Oct 20, 2021
CVSS 7.5
EPSS 0.01