oracle
10,484 tracked vulnerabilities.
CVE-2021-4104
HIGH
Apache Log4j 1.2 - Remote Code Execution via JMSAppender JNDI Requests
Dec 14, 2021
CVSS 7.5
EPSS 0.81
CVE-2021-43818
HIGH
lxml < 4.6.5 - Cross-Site Scripting via HTML Cleaner Bypass
Dec 13, 2021
CVSS 8.2
EPSS 0.02
CVE-2021-43797
MEDIUM
Netty <4.1.71.Final - HTTP Request Smuggling
Dec 09, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-43527
CRITICAL
NSS <3.73-3.68.1 ESR - Buffer Overflow
Dec 08, 2021
CVSS 9.8
EPSS 0.18
CVE-2021-42717
HIGH
OWASP ModSecurity 2.8.0-2.9.4 and 3.0.0-3.0.5 - Denial of Service via Excessively Nested JSON Objects
Dec 07, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-41165
HIGH
CKEditor < 4.17.0 - Stored Cross-Site Scripting via Malformed HTML Comment Bypass
Nov 17, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-41164
HIGH
CKEditor 4 < 4.17.0 - Stored Cross-Site Scripting via Advanced Content Filter Bypass
Nov 17, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-43976
MEDIUM
Linux Kernel < 5.15.2 - Denial of Service via Crafted USB Device in mwifiex_usb_recv
Nov 17, 2021
CVSS 4.6
EPSS 0.01
CVE-2021-22959
MEDIUM
llhttp < 2.1.4 - HTTP Request Smuggling via Header Name Parsing
Nov 15, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-3572
MEDIUM
pip < 21.1 - Remote Revision Manipulation via Unicode Separator Handling
Nov 10, 2021
CVSS 5.7
EPSS 0.02
CVE-2021-41772
HIGH
GO < 1.16.10 - Improper Input Validation
Nov 08, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-43396
HIGH
GNU C Library 2.34 - Info Disclosure
Nov 04, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-43389
MEDIUM
Linux kernel <5.14.15 - Memory Corruption
Nov 04, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-22960
MEDIUM
llhttp < 2.1.4 and < 6.0.6 - HTTP Request Smuggling via Chunk Extension Parsing
Nov 03, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-41973
MEDIUM
Apache MINA < 2.0.22 - Denial of Service via Malformed HTTP Request
Nov 01, 2021
CVSS 6.5
EPSS 0.04
CVE-2021-22096
MEDIUM
Spring Framework <5.3.11-<5.2.18 - Info Disclosure
Oct 28, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-25219
MEDIUM
BIND 9.3.0-9.17.18 - Denial of Service via Lame Cache Exploitation
Oct 27, 2021
CVSS 5.3
EPSS 0.08
CVE-2021-41184
MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Position Utility 'of' Option
Oct 26, 2021
CVSS 6.5
EPSS 0.45
CVE-2021-41183
MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker Widget *Text Options
Oct 26, 2021
CVSS 6.5
EPSS 0.08
CVE-2021-41182
MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker altField Option
Oct 26, 2021
CVSS 6.5
EPSS 0.42
CVE-2021-21703
HIGH
PHP 7.3.x<=7.3.31 7.4.x<7.4.25 8.0.x<8.0.12 - Privilege Escalation via FPM Shared Memory
Oct 25, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-35666
MEDIUM
Oracle HTTP Server <11.1.1.9.0 - Confidentiality Impact
Oct 20, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-35665
MEDIUM
Oracle Hyperion 11.2.6.0 - Info Disclosure
Oct 20, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-35662
HIGH
Oracle Outside In Tech <8.5.5 - DoS
Oct 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-35661
HIGH
Oracle Outside In Tech <8.5.5 - DoS
Oct 20, 2021
CVSS 7.5
EPSS 0.01
Products
mysql 1,329
jre 799
jdk 787
solaris 555
database_server 516
vm_virtualbox 427
peoplesoft_enterprise_peopletools 355
e-business_suite 337
weblogic_server 322
fusion_middleware 313
mysql_server 278
linux 229
application_server 198
outside_in_technology 195
graalvm 188
jd_edwards_enterpriseone_tools 164
peoplesoft_products 158
enterprise_manager_base_platform 135
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
webcenter_portal 100
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
financial_services_analytical_applications_infrastructure 90
Quick Filters