VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,010 total · sorted by risk
  • CVE-2019-3005MedOct 16, 2019
    risk 0.39cvss 6.0epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2019-3002MedOct 16, 2019
    risk 0.39cvss 6.0epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2019-2984MedOct 16, 2019
    risk 0.39cvss 6.0epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2019-2958MedOct 16, 2019
    risk 0.39cvss 5.9epss 0.03

    Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with…

  • CVE-2018-3123MedApr 23, 2019
    risk 0.39cvss 5.9epss 0.02

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access…

  • CVE-2018-3144MedOct 17, 2018
    risk 0.39cvss 5.9epss 0.04

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via…

  • CVE-2018-2973MedJul 18, 2018
    risk 0.39cvss 5.9epss 0.05

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171. Difficult to exploit vulnerability allows unauthenticated attacker with…

  • CVE-2018-2972MedJul 18, 2018
    risk 0.39cvss 5.9epss 0.04

    Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE.…

  • CVE-2018-2761MedApr 19, 2018
    risk 0.39cvss 5.9epss 0.04

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access…

  • CVE-2018-2760MedApr 19, 2018
    risk 0.39cvss 5.9epss 0.02

    Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). Supported versions that are affected are 12.1.3 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise…

  • CVE-2018-2753MedApr 19, 2018
    risk 0.39cvss 6.0epss 0.00

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes…

  • CVE-2018-2618MedJan 18, 2018
    risk 0.39cvss 5.9epss 0.05

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows…

  • CVE-2017-10355MedOct 19, 2017
    risk 0.39cvss 5.3epss 0.16

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows…

  • CVE-2017-10135MedAug 8, 2017
    risk 0.39cvss 5.9epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows…

  • CVE-2015-7852MedAug 7, 2017
    risk 0.39cvss 5.9epss 0.12

    ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

  • CVE-2017-3528MedApr 24, 2017
    risk 0.39cvss 5.4epss 0.15

    Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability…

  • CVE-2017-3526MedApr 24, 2017
    risk 0.39cvss 5.9epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows…

  • CVE-2015-7977MedJan 30, 2017
    risk 0.39cvss 5.9epss 0.06

    ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

  • CVE-2017-3286MedJan 27, 2017
    risk 0.39cvss 6.0epss 0.00

    Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: Patching). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the…

  • CVE-2017-3246MedJan 27, 2017
    risk 0.39cvss 6.0epss 0.00

    Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Patching). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon…

  • CVE-2016-5597MedOct 25, 2016
    risk 0.39cvss 5.9epss 0.04

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.

  • CVE-2016-5516MedOct 25, 2016
    risk 0.39cvss 6.0epss 0.00

    Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.

  • CVE-2016-5358MedAug 7, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

  • CVE-2016-5357MedAug 7, 2016
    risk 0.39cvss 5.9epss 0.03

    wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2016-3612MedJul 21, 2016
    risk 0.39cvss 5.9epss 0.03

    Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core.

  • CVE-2016-3588MedJul 21, 2016
    risk 0.39cvss 5.9epss 0.02

    Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.

  • CVE-2016-3525MedJul 21, 2016
    risk 0.39cvss 5.9epss 0.03

    Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality via vectors related to Cookie Management.

  • CVE-2016-4955MedJul 5, 2016
    risk 0.39cvss 5.9epss 0.09

    ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.

  • CVE-2016-4085MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.03

    Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet.

  • CVE-2016-4082MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted…

  • CVE-2016-4079MedApr 25, 2016
    risk 0.39cvss 5.9epss 0.02

    epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.

  • CVE-2016-0697MedApr 21, 2016
    risk 0.39cvss 6.0epss 0.01

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity via unknown vectors.

  • CVE-2016-0695MedApr 21, 2016
    risk 0.39cvss 5.9epss 0.03

    Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.

  • CVE-2016-0669MedApr 21, 2016
    risk 0.39cvss 6.0epss 0.00

    Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.

  • CVE-2015-2774MedApr 7, 2016
    risk 0.39cvss 5.9epss 0.02

    Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

  • CVE-2015-3197MedFeb 15, 2016
    risk 0.39cvss 5.9epss 0.11

    ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the…

  • CVE-2016-2047MedJan 27, 2016
    risk 0.39cvss 5.9epss 0.04

    The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname…

  • CVE-2026-34318MedApr 21, 2026
    risk 0.38cvss 5.8epss 0.00

    Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple…

  • CVE-2026-34294MedApr 21, 2026
    risk 0.38cvss 5.9epss 0.00

    Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Microsoft Active Directory). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via…

  • CVE-2026-34289MedApr 21, 2026
    risk 0.38cvss 5.9epss 0.00

    Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise…

  • CVE-2026-34288MedApr 21, 2026
    risk 0.38cvss 5.9epss 0.00

    Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2025-61881MedOct 21, 2025
    risk 0.38cvss 5.9epss 0.00

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Java VM. …

  • CVE-2025-53057MedOct 21, 2025
    risk 0.38cvss 5.9epss 0.00

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK:…

  • CVE-2025-53047MedOct 21, 2025
    risk 0.38cvss 5.8epss 0.00

    Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable…

  • CVE-2025-30761MedJul 15, 2025
    risk 0.38cvss 5.9epss 0.01

    Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit…

  • CVE-2024-21166MedJul 16, 2024
    risk 0.38cvss 5.9epss 0.01

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to…

  • CVE-2024-21126MedJul 16, 2024
    risk 0.38cvss 5.8epss 0.00

    Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via DNS to compromise Oracle…

  • CVE-2024-21109MedApr 16, 2024
    risk 0.38cvss 5.9epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle VM…

  • CVE-2024-21084MedApr 16, 2024
    risk 0.38cvss 5.8epss 0.00

    Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2024-20921MedFeb 17, 2024
    risk 0.38cvss 5.9epss 0.01

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9,…

Page 67 of 201