oracle
10,202 tracked vulnerabilities.
CVE-2021-31810
MEDIUM
Ruby < 2.6.7, 2.7.x < 2.7.3, 3.x < 3.0.1 - Information Disclosure via FTP PASV Response
Jul 13, 2021
CVSS 5.8
EPSS 0.01
CVE-2021-36090
HIGH
Apache Commons Compress 1.0-1.20 - Denial of Service via Malicious ZIP Archive
Jul 13, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-35517
HIGH
Apache Commons Compress 1.1-1.19 - Denial of Service via Malicious TAR Archive
Jul 13, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-35516
HIGH
Apache Commons Compress 1.6-1.19 - Denial of Service via Malicious 7Z Archive
Jul 13, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-35515
HIGH
Apache Commons Compress 1.6-1.19 - Denial of Service via Crafted 7Z Archive
Jul 13, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-33037
MEDIUM
Apache Tomcat <10.0.7-8.5.67 - Info Disclosure
Jul 12, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-30640
MEDIUM
Apache Tomcat <10.0.6, <9.0.46, <8.5.66 - Auth Bypass
Jul 12, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-30639
HIGH
Apache Tomcat 10.0.3-10.0.4, 9.0.44, 8.5.64 - Denial of Service via Non-Blocking I/O Error Flag
Jul 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-30129
MEDIUM
Apache Mina SSHD <2.7.0 - Buffer Overflow
Jul 12, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3541
MEDIUM
libxml2 < 2.9.11 - Denial of Service via Exponential Entity Expansion
Jul 09, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3612
HIGH
Linux Kernel < 5.9.0 - Out-of-Bounds Write via JSIOCSBTNMAP ioctl
Jul 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22119
HIGH
Spring Security 5.2.0-5.2.10, 5.3.0-5.3.9, 5.4.0-5.4.6, 5.5.0 - Denial of Service via OAuth 2.0 Authorization Request
Jun 29, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-33503
HIGH
urllib3 >=1.25.4 <1.26.5 - Denial of Service via Authority Component Regex Backtracking
Jun 29, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32723
HIGH
Prism < 1.24.0 - Regular Expression Denial of Service in ASCIIDoc and ERB Highlighters
Jun 28, 2021
CVSS 7.4
EPSS 0.00
CVE-2021-3314
MEDIUM
Oracle GlassFish Server < 3.1.2.18 - Reflected Cross-Site Scripting via logViewer.jsf
Jun 25, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-2322
HIGH
OpenGrok <= 1.6.7 - Authenticated Remote Code Execution via Web App
Jun 23, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-34428
LOW
Eclipse Jetty <= 9.4.40 - Insufficient Session Expiration via SessionListener Exception
Jun 22, 2021
CVSS 2.9
EPSS 0.00
CVE-2021-33813
HIGH
JDOM < 2.0.6 - XML External Entity Injection via SAXBuilder
Jun 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-30468
HIGH
Apache CXF < 3.3.11 and 3.4.0-3.4.4 - Denial of Service via Malformed JSON
Jun 16, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-31618
HIGH
Apache HTTP Server mod_http2 1.15.17 - Denial of Service via NULL Pointer Dereference in HTTP/2 Header Handling
Jun 15, 2021
CVSS 7.5
EPSS 0.11
CVE-2021-31812
MEDIUM
Apache PDFBox 2.0.0-2.0.23 - Denial of Service via Infinite Loop
Jun 12, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-31811
MEDIUM
Apache PDFBox 2.0.0-2.0.23 - Denial of Service via Crafted PDF File
Jun 12, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-32553
HIGH
Ubuntu Linux - Information Disclosure via Symbolic Link Following in apport/hookutils.py read_file()
Jun 12, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-22901
HIGH
curl 7.75.0-7.76.1 - Use-After-Free via TLS 1.3 Session Ticket Handling
Jun 11, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-22898
LOW
curl 7.7-7.76.1 - Information Disclosure via TELNET NEW_ENV Option Parser
Jun 11, 2021
CVSS 3.1
EPSS 0.00
Products
mysql 1,329
jre 798
jdk 786
solaris 553
database_server 513
vm_virtualbox 417
peoplesoft_enterprise_peopletools 352
e-business_suite 330
fusion_middleware 313
weblogic_server 307
mysql_server 277
linux 229
application_server 198
outside_in_technology 195
graalvm 187
peoplesoft_products 158
jd_edwards_enterpriseone_tools 150
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
enterprise_manager_base_platform 120
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
webcenter_portal 90
financial_services_analytical_applications_infrastructure 89