VIR Vulnerability Intelligence Relay

Search

Found 2,909 results in 268ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46843 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
CVE-2026-46842 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
CVE-2026-46835 high 7.5 7.5 oracle 6d ago Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
CVE-2026-46834 high 7.5 7.5 oracle 6d ago Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
CVE-2026-46830 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ…
CVE-2026-46829 high 7.5 7.5 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ…
CVE-2026-46828 high 8.1 8.1 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
CVE-2026-46827 high 8.8 8.8 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability al…
CVE-2026-46826 high 8.8 8.8 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
CVE-2026-46823 high 7.7 7.7 oracle 6d ago Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex…
CVE-2026-46821 high 7.7 7.7 oracle 6d ago Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
CVE-2026-46820 high 8.5 8.5 oracle 6d ago Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
CVE-2026-35277 high 8.1 8.1 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network acc…
CVE-2026-35266 high 7.9 7.9 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network a…
CVE-2026-35255 medium 6.6 6.6 oracle 29d ago Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability…
CVE-2026-35254 medium 6.1 6.1 oracle 29d ago Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw…
CVE-2026-35253 medium 4.7 4.7 oracle 29d ago Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker w…
CVE-2026-35244 medium 5.2 5.2 oracle 1mo ago Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.24.0.000. Easily exploita…
CVE-2026-35229 high 7.5 7.5 oracle 1mo ago Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.30 and 21.3-21.21. Easily exploitable vulnerability allows unauthenticated attacke…
CVE-2026-34319 medium 5.0 5.0 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
CVE-2026-34318 medium 5.8 5.8 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu…
CVE-2026-34317 medium 5.0 5.0 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
CVE-2026-34314 medium 6.8 6.8 oracle 1mo ago Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected ar…
CVE-2026-21997 high 8.5 8.5 oracle 1mo ago Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitab…
CVE-2026-21945 high 7.5 7.5 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21933 medium 6.1 6.1 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21925 medium 4.8 4.8 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21932 high 7.4 7.4 FIX slesdebian debian oraclegoogle 4mo ago Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle Jav…
CVE-2025-53066 high 7.5 7.5 FIX rhel slesdebian debian oracle 7mo ago RHSA-2025:22370: java-1.8.0-ibm security update (Moderate)
CVE-2025-53057 medium 5.9 5.9 FIX rhel slesdebian debian oracle 7mo ago RHSA-2025:22370: java-1.8.0-ibm security update (Moderate)
CVE-2024-21262 medium 6.5 6.5 netapporacle 2y ago Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthent…
CVE-2024-21182 high 7.5 9.0 KEV oracle 2y ago Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vu…
CVE-2022-21626 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21618 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-34169 high 7.5 7.5 FIX debian debian rhel sles apacheoraclenetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21549 medium 5.3 5.3 FIX rhel sles rocky oracleazulnetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21540 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2019-13118 medium 5.3 5.3 FIX slesdebian debiansuse suse xmlsoftnetapporacle 4y ago In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, …
CVE-2022-25647 high 7.5 7.5 FIX slesdebian debian googlenetapporacle 4y ago Deserialization of Untrusted Data in Gson
CVE-2022-21476 high 7.5 7.5 FIX rhelarch arch sles oraclenetappazul 4y ago RHSA-2022:1491: java-1.8.0-openjdk security update (Important)
CVE-2020-8554 medium 6.3 6.3 FIX slesdebian debian kubernetesoracle 4y ago Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacke…
CVE-2022-21366 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21360 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21341 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21340 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21305 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21299 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21296 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21294 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21293 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21291 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21283 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21282 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21277 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-23307 high 8.8 8.8 FIX debian debian sles rocky apacheqosoracle 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2022-23302 high 8.8 8.8 FIX debian debian sles rocky apachenetappbroadcom 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-44832 medium 6.6 6.6 FIX debian debian slesfedora fedora apacheoraclecisco 5y ago Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender wit…
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2021-4104 high 7.5 7.5 FIX debian debian sles rocky apacheredhatoracle 5y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-35556 medium 5.3 5.3 FIX arch arch sles rocky oraclenetapp 5y ago RHSA-2022:0345: java-1.8.0-ibm security update (Important)
CVE-2021-41617 high 7.0 7.0 FIX arch arch sles rocky openbsdnetapporacle 5y ago sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs …
CVE-2021-22926 high 7.5 7.5 sles haxxnetapporacle 5y ago libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is bui…
CVE-2021-22897 medium 5.3 5.3 FIX arch archdebian debian haxxoraclenetapp 5y ago curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…
CVE-2021-3522 medium 5.5 5.5 FIX debian debian sles gstreamernetapporacle 5y ago GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2019-16168 medium 6.5 6.5 FIX rocky slesdebian debian sqlitenetapptenable 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-36183 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Unsafe Deserialization in jackson-databind
CVE-2020-35728 high 8.1 8.1 FIX slesdebian debian fasterxmlnetapporacle 6y ago Serialization gadget exploit in jackson-databind
CVE-2020-1971 medium 5.9 5.9 FIX arch arch slesdebian debian openssloraclenetapp 6y ago RHSA-2020:5476: openssl security and bug fix update (Important)
CVE-2020-14060 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Deserialization of untrusted data in Jackson Databind
CVE-2020-14062 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Deserialization of untrusted data in Jackson Databind
CVE-2020-11619 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11113 high 8.8 8.8 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11112 high 8.8 8.8 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2019-11135 medium 6.5 6.5 FIX arch arch slesdebian debian slackwarehpintel 6y ago TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2019-13117 medium 5.3 5.3 FIX slesdebian debianubuntu ubuntu xmlsoftoracle 7y ago In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte o…
CVE-2019-7317 medium 5.3 5.3 FIX arch arch slesdebian debian libpngoraclehp 7y ago png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-13785 medium 6.5 6.5 FIX slesdebian debianubuntu ubuntu libpngoracle 8y ago In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG fil…
CVE-2018-3639 medium 5.5 6.5 EXPFIX slesdebian debian rhel intelarmredhat 8y ago Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of i…
CVE-2017-5753 medium 5.6 6.6 EXPFIX arch arch slesdebian debian inteloraclesynology 9y ago Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2013-4578 medium 5.3 5.3 oracle 9y ago jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper fi…
CVE-2017-17740 high 7.5 7.5 slesdebian debiansuse suse openldaporaclemcafee 9y ago contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows r…
CVE-2017-15707 medium 6.2 6.2 apachenetapporacle 9y ago Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
CVE-2017-10278 high 7.0 7.0 oracle 9y ago Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Difficult to exploit vul…
CVE-2017-10267 high 7.5 7.5 oracle 9y ago Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerabi…
CVE-2017-10266 medium 5.3 5.3 oracle 9y ago Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerabi…
CVE-2016-8610 high 7.5 7.5 FIX sles rheldebian debian opensslredhatnetapp 9y ago A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote…
CVE-2017-15906 medium 5.3 5.3 FIX slesdebian debian rhel openbsdoraclenetapp 9y ago The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2017-3588 high 7.3 7.3 oracle 9y ago Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerabilit…
CVE-2017-3446 high 8.2 8.2 oracle 9y ago Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…
CVE-2017-3445 high 8.2 8.2 oracle 9y ago Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…
CVE-2017-3444 high 8.2 8.2 oracle 9y ago Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2…
CVE-2017-10428 medium 5.0 5.0 FIX debian debian oracle 9y ago Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.30. Difficult to exploit vulnerability allows…
CVE-2017-10427 medium 6.5 6.5 oracle 9y ago Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.11, 6.5.11, 7.0.6, 7.1.6…
CVE-2017-10425 medium 5.4 5.4 oracle 9y ago Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Service Host). Supported versions that are affected are 2.6, 2.7, 2.8 and 2.9. Easily expl…
CVE-2017-10424 high 8.8 8.8 oracle 9y ago Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.…
CVE-2017-10423 medium 5.4 5.4 oracle 9y ago Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily explo…
CVE-2017-10422 medium 5.9 5.9 oracle 9y ago Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Updates Change Assistant). The supported version that is affected is 8.54. Difficult to e…
CVE-2017-10421 medium 6.5 6.5 oracle 9y ago Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vul…
CVE-2017-10420 medium 6.4 6.4 oracle 9y ago Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vul…
CVE-2017-10419 medium 5.1 5.1 oracle 9y ago Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: PMS). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnera…