oracle

10,202 tracked vulnerabilities.

CVE-2021-22897 MEDIUM
curl 7.61.0-7.76.1 - Data Element Exposure via CURLOPT_SSL_CIPHER_LIST
Jun 11, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-30641 MEDIUM
Apache HTTP Server <2.4.47 - Path Traversal
Jun 10, 2021
CVSS 5.3
EPSS 0.36
CVE-2021-26691 CRITICAL
Apache HTTP Server 2.4.0-2.4.46 - Heap-based Buffer Overflow via SessionHeader
Jun 10, 2021
CVSS 9.8
EPSS 0.48
CVE-2021-26690 HIGH
Apache HTTP Server 2.4.0-2.4.46 - Denial of Service via Crafted Cookie Header in mod_session
Jun 10, 2021
CVSS 7.5
EPSS 0.67
CVE-2021-28169 MEDIUM NUCLEI
Eclipse Jetty ConcatServlet - Information Disclosure
Jun 09, 2021
CVSS 5.3
EPSS 0.90
CVE-2021-33560 HIGH
Libgcrypt <1.8.8 & <1.9.3 - Info Disclosure
Jun 08, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-22222 HIGH
Wireshark 3.4.0-3.4.5 - Denial of Service via DVB-S2-BB Dissector Infinite Loop
Jun 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-33880 MEDIUM
websockets < 9.1 - Timing Attack via HTTP Basic Authentication
Jun 06, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-3522 MEDIUM
GStreamer <1.18.4 - Info Disclosure
Jun 02, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3520 CRITICAL
Lz4 - Buffer Overflow
Jun 02, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-31684 HIGH
json-smart-v1 1.3-1.3.2 and 2.4-2.4.3 - Denial of Service via JSONParserByteArray indexOf Function
Jun 01, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-3516 HIGH
xmllint < 2.9.11 - Use-After-Free
Jun 01, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-23017 HIGH
nginx 0.6.18-1.20.0 - Denial of Service via DNS Resolver Off-by-one Error
Jun 01, 2021
CVSS 7.7
EPSS 0.74
CVE-2021-29505 HIGH NUCLEI
XStream < 1.4.17 - Remote Code Execution via Untrusted Data Deserialization
May 28, 2021
CVSS 7.5
EPSS 0.90
CVE-2021-22118 HIGH
Spring Framework 5.2.0-5.2.14 - Authenticated Privilege Escalation via WebFlux Temporary Storage Directory
May 27, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-28170 MEDIUM
Jakarta Expression Language <3.0.3 - Info Disclosure
May 26, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-20191 MEDIUM
Oracle Virtualization < 2.8.19 - Log Information Exposure
May 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3426 MEDIUM
Python < 3.8.9, < 3.9.3, < 3.10.0a7 - Information Disclosure via pydoc Server
May 20, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-20718 HIGH
mod_auth_openidc 2.4.0-2.4.7 - Denial of Service
May 20, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-3517 HIGH
libxml2 < 2.9.11 - Out-of-bounds Read in XML Entity Encoding
May 19, 2021
CVSS 8.6
EPSS 0.00
CVE-2021-3200 LOW
libsolv <2020-12-13 - Buffer Overflow
May 18, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-3518 HIGH
libxml2 < 2.9.11 - Use-After-Free
May 18, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-3537 MEDIUM
libxml2 < 2.9.11 - NULL Pointer Dereference via XML Mixed Content Parsing
May 14, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-29921 CRITICAL
Python < 3.9.5 - IP Address Validation Bypass via Leading Zero Octets
May 06, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-25215 HIGH
BIND <9.11.30-9.17.12 - DoS
Apr 29, 2021
CVSS 7.5
EPSS 0.01
Products
mysql 1,329 jre 798 jdk 786 solaris 553 database_server 513 vm_virtualbox 417 peoplesoft_enterprise_peopletools 352 e-business_suite 330 fusion_middleware 313 weblogic_server 307 mysql_server 277 linux 229 application_server 198 outside_in_technology 195 graalvm 187 peoplesoft_products 158 jd_edwards_enterpriseone_tools 150 communications_cloud_native_core_policy 125 retail_xstore_point_of_service 125 enterprise_manager_base_platform 120 zfs_storage_appliance_kit 117 enterprise_manager_ops_center 107 jrockit 107 http_server 105 openjdk 98 supply_chain_products_suite 97 flexcube_universal_banking 95 primavera_unifier 95 webcenter_portal 90 financial_services_analytical_applications_infrastructure 89
Quick Filters
Critical CVEs With Exploits In CISA KEV