VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,029 total · sorted by risk
  • CVE-2020-2799MedApr 15, 2020
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple…

  • CVE-2020-2795MedApr 15, 2020
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Supported versions that are affected are 8.6.0-8.6.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle…

  • CVE-2020-2768MedApr 15, 2020
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.3.28 and prior, 7.4.27 and prior, 7.5.17 and prior, 7.6.13 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged…

  • CVE-2020-2609MedJan 15, 2020
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2019-2853MedJul 23, 2019
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2019-2788MedJul 23, 2019
    risk 0.41cvss 6.3epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Open Fabrics Tools). The supported version that is affected is 11.4. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris…

  • CVE-2019-2726MedMay 24, 2019
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). The supported version that is affected is 12.3.3. Difficult to exploit vulnerability allows low privileged attacker with network access…

  • CVE-2019-2692MedApr 23, 2019
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors…

  • CVE-2019-2684MedApr 23, 2019
    risk 0.41cvss 5.9epss 0.38

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network…

  • CVE-2018-3305MedJan 16, 2019
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows low…

  • CVE-2018-19439MedDec 13, 2018
    risk 0.41cvss 6.1epss 0.20

    XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). helpwindow.jsp has reflected XSS via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle…

  • CVE-2018-3091MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM…

  • CVE-2018-3037MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low…

  • CVE-2018-3036MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged…

  • CVE-2018-3028MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2018-3020MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2018-2974MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily…

  • CVE-2018-2881MedJul 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Database). Supported versions that are affected are 11.0.x, 12.0.x, 12.1.x, 12.1.1.x, 12.1.2.x and 13.1.x. Easily exploitable vulnerability allows low privileged attacker with network…

  • CVE-2018-2857MedApr 19, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is Prior to 8.7.17. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2018-2756MedApr 19, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: WebUI). Supported versions that are affected are 7.2.4.3.0, 7.3.0.1.x, 7.3.1.0.7 and 7.3.5.0.x. Easily exploitable vulnerability allows low…

  • CVE-2018-2570MedJan 18, 2018
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2017-15707MedDec 1, 2017
    risk 0.41cvss 6.2epss 0.05

    In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

  • CVE-2017-10393MedOct 19, 2017
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10385MedOct 19, 2017
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10163MedOct 19, 2017
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web General). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows…

  • CVE-2017-10153MedOct 19, 2017
    risk 0.41cvss 6.3epss 0.02

    Vulnerability in the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Gson)). Supported versions that are affected are 7.0, 7.1 and 7.2. Difficult to exploit vulnerability allows low privileged attacker with…

  • CVE-2017-3291MedJan 27, 2017
    risk 0.41cvss 6.3epss 0.00

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to…

  • CVE-2016-8299MedJan 27, 2017
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low…

  • CVE-2016-5545MedJan 27, 2017
    risk 0.41cvss 6.3epss 0.01

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2016-5604MedOct 25, 2016
    risk 0.41cvss 6.3epss 0.00

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563.

  • CVE-2016-5601MedOct 25, 2016
    risk 0.41cvss 6.3epss 0.00

    Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.

  • CVE-2016-2837MedAug 5, 2016
    risk 0.41cvss 6.3epss 0.05

    Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and…

  • CVE-2016-3563MedJul 21, 2016
    risk 0.41cvss 6.3epss 0.00

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-5604.

  • CVE-2026-35254MedMay 6, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this…

  • CVE-2026-34284MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware (component: Human workflow 11g+). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2026-34283MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2026-34274MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2026-34269MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft…

  • CVE-2026-21933MedJan 20, 2026
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle…

  • CVE-2025-50107MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Request handling). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2025-50073MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2025-30759MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Platform Security). Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2025-30756MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in Oracle REST Data Services (component: General). The supported version that is affected is 24.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle REST Data Services. Successful attacks require…

  • CVE-2025-30748MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2025-30746MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. …

  • CVE-2025-30745MedJul 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Supported versions that are affected are 12.2.12-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP…

  • CVE-2025-30732MedApr 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2025-30720MedApr 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Orders). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2025-30719MedApr 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes…

  • CVE-2025-30709MedApr 15, 2025
    risk 0.40cvss 6.1epss 0.00

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

Page 56 of 201