oracle
10,484 tracked vulnerabilities.
CVE-2021-21705
MEDIUM
PHP 7.3.0-7.3.28 - Improper Input Validation in filter_var URL Validation
Oct 04, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-22947
MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-22946
HIGH
curl >=7.20.0-7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-41617
HIGH
OpenSSH 6.2-8.x - Privilege Escalation via AuthorizedKeysCommand and AuthorizedPrincipalsCommand Helper Programs
Sep 26, 2021
CVSS 7.0
EPSS 0.02
CVE-2021-2464
HIGH
Oracle Linux 7 and 8 - Authenticated Remote Code Execution in OSwatcher
Sep 24, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22945
CRITICAL
libcurl <= 7.73.0, 7.78.0 - Use After Free
Sep 23, 2021
CVSS 9.1
EPSS 0.06
CVE-2021-38153
MEDIUM
Apache Kafka <2.8.1-2.8.0 - Timing Attack
Sep 22, 2021
CVSS 5.9
EPSS 0.06
CVE-2021-40690
HIGH
Apache Santuario XML Security for Java < 2.1.7 - Sensitive Information Exposure via XPath Transform
Sep 19, 2021
CVSS 7.5
EPSS 0.11
CVE-2021-41303
CRITICAL
Apache Shiro < 1.8.0 - Authentication Bypass via Spring Boot Integration
Sep 17, 2021
CVSS 9.8
EPSS 0.77
CVE-2021-3807
HIGH
ansi-regex - Inefficient Regular Expression Complexity
Sep 17, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-40438
CRITICAL
KEVNUCLEI
Apache HTTP Server <2.4.48 - SSRF
Sep 16, 2021
CVSS 9.0
EPSS 1.00
CVE-2021-39275
CRITICAL
Apache HTTP Server < 2.4.49 - Out-of-bounds Write in ap_escape_quotes()
Sep 16, 2021
CVSS 9.8
EPSS 0.36
CVE-2021-36160
HIGH
Apache HTTP Server 2.4.30-2.4.48 - Denial of Service via mod_proxy_uwsgi URI Path
Sep 16, 2021
CVSS 7.5
EPSS 0.63
CVE-2021-34798
HIGH
Apache HTTP Server < 2.4.48 - NULL Pointer Dereference
Sep 16, 2021
CVSS 7.5
EPSS 0.65
CVE-2021-23440
HIGH
set-value < 2.0.1 and 3.0.0-4.0.1 - Type Confusion via Array Path Parameter
Sep 12, 2021
CVSS 7.3
EPSS 0.02
CVE-2021-3634
MEDIUM
libssh < 0.9.6 - Out-of-bounds Write via Session ID Buffer Handling
Aug 31, 2021
CVSS 6.5
EPSS 0.05
CVE-2021-39135
HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Symbolic Link Following
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-39134
HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Case-Insensitive Dependency Resolution
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-37713
HIGH
npmjs/tar < 4.4.18 - Arbitrary File Creation/Overwrite and Code Execution via Path Traversal
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-37712
HIGH
tar < 4.4.18, 5.0.10, 6.1.9 - Arbitrary File Creation and Overwrite via Unicode Normalization Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.02
CVE-2021-37701
HIGH
npmjs/tar < 4.4.16 - Arbitrary File Creation and Overwrite via Symlink Directory Cache Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.03
CVE-2021-3749
HIGH
axios <0.21.2 - Denial of Service via Inefficient Regular Expression
Aug 31, 2021
CVSS 7.5
EPSS 0.09
CVE-2021-3712
HIGH
OpenSSL 1.0.2-1.0.2y 1.1.1-1.1.1k - Out-of-bounds Read in ASN.1 String Processing
Aug 24, 2021
CVSS 7.4
EPSS 0.50
CVE-2021-3711
CRITICAL
OpenSSL 1.1.1-1.1.1k - Buffer Overflow in SM2 Decryption
Aug 24, 2021
CVSS 9.8
EPSS 0.88
CVE-2021-36690
HIGH
SQLite 3.36.0 - Denial of Service via idxGetTableInfo Function
Aug 24, 2021
CVSS 7.5
EPSS 0.04
Products
mysql 1,329
jre 799
jdk 787
solaris 555
database_server 516
vm_virtualbox 427
peoplesoft_enterprise_peopletools 355
e-business_suite 337
weblogic_server 322
fusion_middleware 313
mysql_server 278
linux 229
application_server 198
outside_in_technology 195
graalvm 188
jd_edwards_enterpriseone_tools 164
peoplesoft_products 158
enterprise_manager_base_platform 135
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
webcenter_portal 100
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
financial_services_analytical_applications_infrastructure 90
Quick Filters