VYPR

Application Express

by Oracle Corporation

CVEs (46)

  • CVE-2020-2513MedJul 15, 2020
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle…

  • CVE-2019-2484MedJul 23, 2019
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in the Application Express component of Oracle Database Server. Supported versions that are affected are 5.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker having Valid Account privilege with network access via HTTP to compromise…

  • CVE-2016-7103MedMar 15, 2017
    risk 0.34cvss 6.1epss 0.23

    Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

  • CVE-2020-2977MedJul 15, 2020
    risk 0.30cvss 4.6epss 0.01

    Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromise…

  • CVE-2020-2514MedApr 15, 2020
    risk 0.30cvss 4.6epss 0.01

    Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 19.2. Easily exploitable vulnerability allows low privileged attacker having End User Role privilege with network access via HTTPS to…

  • CVE-2009-0981Apr 15, 2009
    risk 0.03cvss epss 0.05

    Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable…

  • CVE-2025-50067Jul 15, 2025
    risk 0.00cvss epss 0.00

    Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). Supported versions that are affected are 24.2.4 and 24.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application…

  • CVE-2025-21557Jan 21, 2025
    risk 0.00cvss epss 0.00

    Vulnerability in Oracle Application Express (component: General). Supported versions that are affected are 23.2 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attacks…

  • CVE-2024-21261Oct 15, 2024
    risk 0.00cvss epss 0.00

    Vulnerability in Oracle Application Express (component: General). Supported versions that are affected are 23.2 and 24.1. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. While the…

  • CVE-2015-2655Jul 16, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2015-2586Jul 16, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect availability via unknown vectors.

  • CVE-2015-2585Jul 16, 2015
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.

  • CVE-2014-6483Oct 15, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2013-1519Apr 17, 2013
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2012-1708May 3, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2011-3525Oct 18, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user.

  • CVE-2010-0892Jul 13, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2009-1993Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE.

  • CVE-2008-4005Oct 14, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2008-1822Apr 16, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02.