VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,060 total · sorted by risk
  • CVE-2023-21934MedApr 18, 2023
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. …

  • CVE-2023-21922MedApr 18, 2023
    risk 0.44cvss 6.8epss 0.00

    Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network…

  • CVE-2023-21918MedApr 18, 2023
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local SYSDBA privilege with network access via Oracle Net to…

  • CVE-2022-21585MedJul 19, 2022
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to…

  • CVE-2022-21582MedJul 19, 2022
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to…

  • CVE-2022-21578MedJul 19, 2022
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with…

  • CVE-2022-21551MedJul 19, 2022
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise…

  • CVE-2022-21428MedJul 19, 2022
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1-12.4, 14.0-14.3 and 14.5. Difficult to exploit vulnerability allows low privileged attacker with…

  • CVE-2022-21499MedJun 9, 2022
    risk 0.44cvss 6.7epss 0.01

    KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base…

  • CVE-2022-25647HigMay 1, 2022
    risk 0.44cvss 7.7epss 0.12

    The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

  • CVE-2022-21465MedApr 19, 2022
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox…

  • CVE-2021-35567MedOct 20, 2021
    risk 0.44cvss 6.8epss 0.03

    Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows…

  • CVE-2021-35545MedOct 20, 2021
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox…

  • CVE-2021-2414MedOct 20, 2021
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to…

  • CVE-2021-2332MedOct 20, 2021
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle LogMiner component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise…

  • CVE-2021-2151MedApr 22, 2021
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise…

  • CVE-2021-2046MedJan 20, 2021
    risk 0.44cvss 6.8epss 0.02

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise…

  • CVE-2020-14858MedOct 21, 2020
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP…

  • CVE-2020-14757MedOct 21, 2020
    risk 0.44cvss 6.8epss 0.02

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). The supported version that is affected is 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2020-14557MedJul 15, 2020
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network…

  • CVE-2020-14552MedJul 15, 2020
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access…

  • CVE-2019-2989MedOct 16, 2019
    risk 0.44cvss 6.8epss 0.03

    Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with…

  • CVE-2019-2976MedOct 16, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 17.1.0-17.12.12. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2019-2949MedOct 16, 2019
    risk 0.44cvss 6.8epss 0.04

    Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network…

  • CVE-2019-2936MedOct 16, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Difficult to exploit vulnerability allows low privileged attacker having Admin - Configuration privilege with…

  • CVE-2019-2909MedOct 16, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java…

  • CVE-2019-2862MedJul 23, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: Java). The supported version that is affected is 19.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise…

  • CVE-2019-2749MedJul 23, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network…

  • CVE-2019-2594MedApr 23, 2019
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Application Server). Supported versions that are affected are 8.55, 8.56 and 8.57. Difficult to exploit vulnerability allows low privileged attacker with network…

  • CVE-2019-2557MedApr 23, 2019
    risk 0.44cvss 6.3epss 0.06

    Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network…

  • CVE-2019-2452MedJan 16, 2019
    risk 0.44cvss 6.7epss 0.02

    Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows high privileged attacker with network access…

  • CVE-2019-2409MedJan 16, 2019
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2018-3122MedOct 17, 2018
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via…

  • CVE-2018-2888MedJul 18, 2018
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Back Office). Supported versions that are affected are 10.2.x, 11.0.x, 12.0.x, 12.1.x, 12.1.1.x,12.1.2.x and 13.1.x. Difficult to exploit vulnerability allows physical access to…

  • CVE-2018-3639MedMay 22, 2018
    risk 0.44cvss 5.5epss 0.61

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…

  • CVE-2018-2583MedJan 18, 2018
    risk 0.44cvss 6.8epss 0.03

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple…

  • CVE-2017-10274MedOct 19, 2017
    risk 0.44cvss 6.8epss 0.03

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to…

  • CVE-2017-10235MedAug 8, 2017
    risk 0.44cvss 6.7epss 0.01

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM…

  • CVE-2017-10198MedAug 8, 2017
    risk 0.44cvss 6.8epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows…

  • CVE-2017-10181MedAug 8, 2017
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network…

  • CVE-2017-10039MedAug 8, 2017
    risk 0.44cvss 6.8epss 0.02

    Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Web Client). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise…

  • CVE-2017-10004MedAug 8, 2017
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2017-3485MedApr 24, 2017
    risk 0.44cvss 6.8epss 0.02

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Difficult to exploit…

  • CVE-2017-3312MedJan 27, 2017
    risk 0.44cvss 6.7epss 0.00

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to…

  • CVE-2016-8318MedJan 27, 2017
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2016-5610MedOct 25, 2016
    risk 0.44cvss 6.8epss 0.00

    Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core.

  • CVE-2016-5540MedOct 25, 2016
    risk 0.44cvss 6.7epss 0.00

    Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors.

  • CVE-2016-5538MedOct 25, 2016
    risk 0.44cvss 6.7epss 0.00

    Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501.

  • CVE-2016-2180HigAug 1, 2016
    risk 0.44cvss 7.5epss 0.29

    The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp…

  • CVE-2016-3489MedJul 21, 2016
    risk 0.44cvss 6.7epss 0.00

    Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

Page 42 of 202