VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,010 total · sorted by risk
  • CVE-2016-0683MedApr 21, 2016
    risk 0.35cvss 5.4epss 0.01

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework.

  • CVE-2016-0680MedApr 21, 2016
    risk 0.35cvss 5.4epss 0.01

    Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to Services Procurement.

  • CVE-2016-0673MedApr 21, 2016
    risk 0.35cvss 5.4epss 0.01

    Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI.

  • CVE-2016-0468MedApr 21, 2016
    risk 0.35cvss 5.4epss 0.01

    Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General.

  • CVE-2016-0408MedApr 21, 2016
    risk 0.35cvss 5.4epss 0.01

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component.

  • CVE-2015-5295MedJan 20, 2016
    risk 0.35cvss 5.4epss 0.03

    The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a…

  • CVE-2015-4000LowMay 21, 2015
    risk 0.35cvss 3.7epss 1.00

    The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by…

  • CVE-2013-0375MedJan 17, 2013
    risk 0.35cvss 5.4epss 0.02

    Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.

  • CVE-2026-46843MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of…

  • CVE-2026-46842MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of…

  • CVE-2026-46841MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Oracle REST Data Services (component: General). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks…

  • CVE-2026-46830MedMay 28, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks…

  • CVE-2026-35244MedApr 21, 2026
    risk 0.34cvss 5.2epss 0.00

    Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.24.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP…

  • CVE-2026-34273MedApr 21, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. Successful attacks of this…

  • CVE-2026-22021MedApr 21, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle…

  • CVE-2026-22013MedApr 21, 2026
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle…

  • CVE-2025-61764MedOct 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2025-53031MedJul 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable…

  • CVE-2025-50070MedJul 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the JDBC component of Oracle Database Server. Supported versions that are affected are 23.4-23.8. Difficult to exploit vulnerability allows low privileged attacker having Authenticated OS User privilege with logon to the infrastructure where JDBC executes to…

  • CVE-2025-30758MedJul 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Siebel CRM End User product of Oracle Siebel CRM (component: User Interface). Supported versions that are affected are 25.0-25.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM End…

  • CVE-2025-30726MedApr 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2025-30722MedApr 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple…

  • CVE-2025-30702MedApr 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. Supported versions that are affected are 19.3-19.26. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Fleet Patching and…

  • CVE-2025-21554MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2025-21514MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2025-21498MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. …

  • CVE-2024-21281MedOct 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.7.0.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access…

  • CVE-2024-21258MedOct 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2024-21248MedOct 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.22 and prior to 7.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2024-21143MedJul 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2024-21120MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2024-21119MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2024-21118MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2024-21117MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where…

  • CVE-2024-21093MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via…

  • CVE-2024-20991MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP…

  • CVE-2024-20990MedApr 16, 2024
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the Oracle Applications Technology product of Oracle E-Business Suite (component: Templates). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2024-20915MedFeb 17, 2024
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login - SSO). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2023-22126MedOct 17, 2023
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2023-21944MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require…

  • CVE-2023-21943MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require…

  • CVE-2023-21942MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require…

  • CVE-2023-21916MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Web Server). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2023-21904MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult to exploit vulnerability allows high privileged…

  • CVE-2023-21903MedApr 18, 2023
    risk 0.34cvss 5.3epss 0.00

    Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Internal Tfr Domain). Supported versions that are affected are 14.5, 14.6 and 14.7. Difficult to exploit vulnerability allows high privileged…

  • CVE-2023-21831MedJan 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft (component: Advising Notes). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2023-21825MedJan 18, 2023
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2022-21616MedOct 18, 2022
    risk 0.34cvss 5.2epss 0.00

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the…

  • CVE-2022-21602MedOct 18, 2022
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2022-21545MedJul 19, 2022
    risk 0.34cvss 5.3epss 0.01

    Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Candidate Self Service Registration). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

Page 84 of 201