Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34364
A buffer overflow exists in Progress DataDirect Connect for ODBC prior to 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an malicious user to execute code of their c...
Progress Datadirect Odbc Oracle Wire Protocol Driver
9.8
CVSSv3
CVE-2023-21890
Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via UDP to co...
Oracle Communications Converged Application Server 8.0.0
Oracle Communications Converged Application Server 7.1.0
9.8
CVSSv3
CVE-2022-21587
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...
Oracle E-business Suite
2 Github repositories
3 Articles
9.8
CVSSv3
CVE-2022-39428
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...
Oracle Web Applications Desktop Integrator
9.8
CVSSv3
CVE-2022-39135
Apache Calcite 1.22.0 introduced the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity (XXE) attack. Therefore any client exposin...
Apache Calcite
9.8
CVSSv3
CVE-2022-21543
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp...
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
9.8
CVSSv3
CVE-2020-35163
Dell BSAFE Crypto-C Micro Edition, versions prior to 4.1.5, and Dell BSAFE Micro Edition Suite, versions prior to 4.6, contain a Use of Insufficiently Random Values Vulnerability.
Dell Bsafe Crypto-c-micro-edition
Dell Bsafe Micro-edition-suite
Oracle Http Server 12.2.1.3.0
Oracle Security Service 12.2.1.3.0
Oracle Security Service 12.2.1.4.0
Oracle Database 12.1.0.2
Oracle Database 19c
Oracle Http Server 12.2.1.4.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.3.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.4.0
Oracle Database 21c
9.8
CVSSv3
CVE-2020-35166
Dell BSAFE Crypto-C Micro Edition, versions prior to 4.1.5, and Dell BSAFE Micro Edition Suite, versions prior to 4.6, contain an Observable Timing Discrepancy Vulnerability.
Dell Bsafe Crypto-c-micro-edition
Dell Bsafe Micro-edition-suite
Oracle Http Server 12.2.1.3.0
Oracle Security Service 12.2.1.3.0
Oracle Security Service 12.2.1.4.0
Oracle Database 12.1.0.2
Oracle Database 19c
Oracle Http Server 12.2.1.4.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.3.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.4.0
Oracle Database 21c
9.8
CVSSv3
CVE-2020-35167
Dell BSAFE Crypto-C Micro Edition, versions prior to 4.1.5, and Dell BSAFE Micro Edition Suite, versions prior to 4.6, contain an Observable Timing Discrepancy Vulnerability.
Dell Bsafe Crypto-c-micro-edition
Dell Bsafe Micro-edition-suite
Oracle Http Server 12.2.1.3.0
Oracle Security Service 12.2.1.3.0
Oracle Security Service 12.2.1.4.0
Oracle Database 12.1.0.2
Oracle Database 19c
Oracle Http Server 12.2.1.4.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.3.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.4.0
Oracle Database 21c
9.8
CVSSv3
CVE-2020-35168
Dell BSAFE Crypto-C Micro Edition, versions prior to 4.1.5, and Dell BSAFE Micro Edition Suite, versions prior to 4.6, contain an Observable Timing Discrepancy Vulnerability.
Dell Bsafe Crypto-c-micro-edition
Dell Bsafe Micro-edition-suite
Oracle Http Server 12.2.1.3.0
Oracle Security Service 12.2.1.3.0
Oracle Security Service 12.2.1.4.0
Oracle Database 12.1.0.2
Oracle Database 19c
Oracle Http Server 12.2.1.4.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.3.0
Oracle Weblogic Server Proxy Plug-in 12.2.1.4.0
Oracle Database 21c
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »