VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,010 total · sorted by risk
  • CVE-2018-2922LowOct 17, 2018
    risk 0.16cvss 2.5epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2017-3513LowApr 24, 2017
    risk 0.16cvss 2.5epss 0.00

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure…

  • CVE-2017-3320LowJan 27, 2017
    risk 0.16cvss 2.4epss 0.01

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to…

  • CVE-2016-3562LowOct 25, 2016
    risk 0.16cvss 2.4epss 0.01

    Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.

  • CVE-2026-35250LowApr 21, 2026
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes…

  • CVE-2025-53029LowJul 15, 2025
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes…

  • CVE-2024-21253LowOct 15, 2024
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox…

  • CVE-2024-21123LowJul 16, 2024
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with logon to the infrastructure where Oracle Database…

  • CVE-2024-20914LowJan 16, 2024
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage…

  • CVE-2021-2207LowApr 22, 2021
    risk 0.15cvss 2.3epss 0.01

    Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having RMAN executable privilege with logon…

  • CVE-2021-2042LowJan 20, 2021
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise…

  • CVE-2019-2940LowOct 16, 2019
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Create Session privilege with logon to the infrastructure where Core…

  • CVE-2019-2926LowOct 16, 2019
    risk 0.15cvss 2.3epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2018-2923LowJul 18, 2018
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported version that is affected is Prior to 8.7.20. Easily exploitable vulnerability allows high privileged attacker with logon to the…

  • CVE-2017-10292LowOct 19, 2017
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where…

  • CVE-2025-50100LowJul 15, 2025
    risk 0.14cvss 2.2epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via…

  • CVE-2025-2574LowMar 20, 2025
    risk 0.14cvss epss 0.00

    Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.

  • CVE-2024-21244LowOct 15, 2024
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols…

  • CVE-2024-21243LowOct 15, 2024
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols…

  • CVE-2024-21237LowOct 15, 2024
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network…

  • CVE-2024-21232LowOct 15, 2024
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple…

  • CVE-2024-21101LowApr 16, 2024
    risk 0.14cvss 2.2epss 0.00

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with…

  • CVE-2023-22010LowJul 18, 2023
    risk 0.14cvss 2.2epss 0.00

    Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4.3.0.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of…

  • CVE-2021-22898LowJun 11, 2021
    risk 0.14cvss 3.1epss 0.04

    curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl…

  • CVE-2020-14791LowOct 21, 2020
    risk 0.14cvss 2.2epss 0.02

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.…

  • CVE-2020-14771LowOct 21, 2020
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple…

  • CVE-2020-2933LowApr 15, 2020
    risk 0.14cvss 2.2epss 0.02

    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL…

  • CVE-2019-2814LowJul 23, 2019
    risk 0.14cvss 2.2epss 0.01

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL…

  • CVE-2016-8305LowJan 27, 2017
    risk 0.14cvss 2.1epss 0.00

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows physical…

  • CVE-2024-21209LowOct 15, 2024
    risk 0.13cvss 2.0epss 0.01

    Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols…

  • CVE-2024-21105LowApr 16, 2024
    risk 0.13cvss 2.0epss 0.00

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise…

  • CVE-2024-20925LowFeb 17, 2024
    risk 0.13cvss 3.1epss 0.01

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability…

  • CVE-2021-2141LowApr 22, 2021
    risk 0.13cvss 2.0epss 0.01

    Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows high privileged attacker with network access via…

  • CVE-2020-14770LowOct 21, 2020
    risk 0.13cvss 2.0epss 0.01

    Vulnerability in the Hyperion BI+ product of Oracle Hyperion (component: IQR-Foundation service). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise…

  • CVE-2020-14541LowJul 15, 2020
    risk 0.13cvss 2.0epss 0.01

    Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise…

  • CVE-2018-2575LowJan 18, 2018
    risk 0.13cvss 2.0epss 0.01

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with network access via multiple…

  • CVE-2025-21520LowJan 21, 2025
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the…

  • CVE-2023-21928LowApr 18, 2023
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to…

  • CVE-2021-35618LowOct 20, 2021
    risk 0.12cvss 1.8epss 0.01

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to…

  • CVE-2021-2232LowApr 22, 2021
    risk 0.12cvss 1.9epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL…

  • CVE-2021-2147LowApr 22, 2021
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage…

  • CVE-2019-3008LowOct 16, 2019
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise…

  • CVE-2018-3270LowOct 17, 2018
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2017-10122LowAug 8, 2017
    risk 0.12cvss 1.8epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2017-10120LowAug 8, 2017
    risk 0.12cvss 1.9epss 0.00

    Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure…

  • CVE-2016-8284LowOct 25, 2016
    risk 0.12cvss 1.8epss 0.00

    Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.

  • CVE-2015-0235Jan 28, 2015
    risk 0.11cvss epss 0.95

    Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

  • CVE-2013-5211Jan 2, 2014
    risk 0.11cvss epss 0.98

    The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

  • CVE-2012-3153Oct 16, 2012
    risk 0.11cvss epss 0.98

    Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the…

  • CVE-2012-2122Jun 26, 2012
    risk 0.11cvss epss 0.96

    sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp…

Page 118 of 201