VIR Vulnerability Intelligence Relay

Search

Found 3,754 results in 382ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46843 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
CVE-2026-46842 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
CVE-2026-46835 high 7.5 7.5 oracle 6d ago Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
CVE-2026-46834 high 7.5 7.5 oracle 6d ago Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with n…
CVE-2026-46833 critical 9.0 9.0 oracle 6d ago Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with…
CVE-2026-46830 medium 5.3 5.3 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ…
CVE-2026-46829 high 7.5 7.5 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ…
CVE-2026-46828 high 8.1 8.1 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
CVE-2026-46827 high 8.8 8.8 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability al…
CVE-2026-46826 high 8.8 8.8 oracle 6d ago Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
CVE-2026-46824 critical 9.9 9.9 oracle 6d ago Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Eas…
CVE-2026-46823 high 7.7 7.7 oracle 6d ago Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily ex…
CVE-2026-46822 critical 9.9 9.9 oracle 6d ago Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability all…
CVE-2026-46821 high 7.7 7.7 oracle 6d ago Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
CVE-2026-46820 high 8.5 8.5 oracle 6d ago Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v…
CVE-2026-46819 critical 9.1 9.1 oracle 6d ago Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploi…
CVE-2026-46775 critical 9.9 9.9 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network acc…
CVE-2026-35277 high 8.1 8.1 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network acc…
CVE-2026-35266 high 7.9 7.9 oracle 6d ago Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network a…
CVE-2026-34311 critical 9.8 9.8 oracle 6d ago Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Opera). Supported versions that are affected are 5.6.19.24, 5.6.22, 5.6.25.19…
CVE-2026-35255 medium 6.6 6.6 oracle 29d ago Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported versions that is affected is v2.3.2. Easily exploitable vulnerability…
CVE-2026-35254 medium 6.1 6.1 oracle 29d ago Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with netw…
CVE-2026-35253 medium 4.7 4.7 oracle 29d ago Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported versions that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker w…
CVE-2026-35244 medium 5.2 5.2 oracle 1mo ago Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.24.0.000. Easily exploita…
CVE-2026-35229 high 7.5 7.5 oracle 1mo ago Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.30 and 21.3-21.21. Easily exploitable vulnerability allows unauthenticated attacke…
CVE-2026-34319 medium 5.0 5.0 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
CVE-2026-34318 medium 5.8 5.8 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vu…
CVE-2026-34317 medium 5.0 5.0 FIX debian debian oracle 1mo ago Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vuln…
CVE-2026-34314 medium 6.8 6.8 oracle 1mo ago Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected ar…
CVE-2026-21997 high 8.5 8.5 oracle 1mo ago Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitab…
CVE-2026-21945 high 7.5 7.5 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21933 medium 6.1 6.1 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21925 medium 4.8 4.8 FIX rocky rhel sles oracle 4mo ago RHSA-2026:4832: java-1.8.0-ibm security update (Important)
CVE-2026-21947 low 3.1 3.1 FIX slesdebian debian oracle 4mo ago Vulnerability in Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with netwo…
CVE-2026-21932 high 7.4 7.4 FIX slesdebian debian oraclegoogle 4mo ago Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle Jav…
CVE-2025-53066 high 7.5 7.5 FIX rhel slesdebian debian oracle 7mo ago RHSA-2025:22370: java-1.8.0-ibm security update (Moderate)
CVE-2025-53057 medium 5.9 5.9 FIX rhel slesdebian debian oracle 7mo ago RHSA-2025:22370: java-1.8.0-ibm security update (Moderate)
CVE-2025-61748 low 3.7 3.7 FIX rhel slesdebian debian oracle 8mo ago RHSA-2025:18824: java-21-openjdk security update (Moderate)
CVE-2024-21262 medium 6.5 6.5 netapporacle 2y ago Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthent…
CVE-2024-21182 high 7.5 9.0 KEV oracle 2y ago Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vu…
CVE-2023-21968 low 3.7 3.7 FIX rhel rocky sles oraclenetapp 3y ago RHSA-2023:4103: java-1.8.0-ibm security update (Important)
CVE-2022-39399 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-21626 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21624 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21619 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21618 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-34169 high 7.5 7.5 FIX debian debian rhel sles apacheoraclenetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21549 medium 5.3 5.3 FIX rhel sles rocky oracleazulnetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21540 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2019-13118 medium 5.3 5.3 FIX slesdebian debiansuse suse xmlsoftnetapporacle 4y ago In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, …
CVE-2017-3590 low 3.3 3.3 FIX debian debian oracle 4y ago Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows…
CVE-2022-25647 high 7.5 7.5 FIX slesdebian debian googlenetapporacle 4y ago Deserialization of Untrusted Data in Gson
CVE-2022-21476 high 7.5 7.5 FIX rhelarch arch sles oraclenetappazul 4y ago RHSA-2022:1491: java-1.8.0-openjdk security update (Important)
CVE-2020-8554 medium 6.3 6.3 FIX slesdebian debian kubernetesoracle 4y ago Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacke…
CVE-2022-21366 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21360 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21341 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21340 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21305 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21299 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21296 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21294 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21293 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21291 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21283 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21282 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21277 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-23307 high 8.8 8.8 FIX debian debian sles rocky apacheqosoracle 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2022-23305 critical 9.8 9.8 FIX debian debian sles rocky apachenetappbroadcom 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2022-23302 high 8.8 8.8 FIX debian debian sles rocky apachenetappbroadcom 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-44832 medium 6.6 6.6 FIX debian debian slesfedora fedora apacheoraclecisco 5y ago Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender wit…
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2021-4104 high 7.5 7.5 FIX debian debian sles rocky apacheredhatoracle 5y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-35556 medium 5.3 5.3 FIX arch arch sles rocky oraclenetapp 5y ago RHSA-2022:0345: java-1.8.0-ibm security update (Important)
CVE-2021-41617 high 7.0 7.0 FIX arch arch sles rocky openbsdnetapporacle 5y ago sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs …
CVE-2021-22926 high 7.5 7.5 sles haxxnetapporacle 5y ago libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is bui…
CVE-2021-22897 medium 5.3 5.3 FIX arch archdebian debian haxxoraclenetapp 5y ago curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…
CVE-2021-3522 medium 5.5 5.5 FIX debian debian sles gstreamernetapporacle 5y ago GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2019-16168 medium 6.5 6.5 FIX rocky slesdebian debian sqlitenetapptenable 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-36183 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Unsafe Deserialization in jackson-databind
CVE-2020-35728 high 8.1 8.1 FIX slesdebian debian fasterxmlnetapporacle 6y ago Serialization gadget exploit in jackson-databind
CVE-2020-1971 medium 5.9 5.9 FIX arch arch slesdebian debian openssloraclenetapp 6y ago RHSA-2020:5476: openssl security and bug fix update (Important)
CVE-2020-14060 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Deserialization of untrusted data in Jackson Databind
CVE-2020-14062 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago Deserialization of untrusted data in Jackson Databind
CVE-2020-9488 low 3.7 3.7 FIX debian debian sles oracleapacheqos 6y ago Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log mess…
CVE-2020-11619 high 8.1 8.1 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11113 high 8.8 8.8 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11112 high 8.8 8.8 FIX debian debian fasterxmlnetapporacle 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-9546 critical 9.8 9.8 FIX debian debian rocky rhel fasterxmlnetapporacle 6y ago RHSA-2020:1644: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (Moderate)
CVE-2019-11135 medium 6.5 6.5 FIX arch arch slesdebian debian slackwarehpintel 6y ago TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVE-2019-17571 critical 9.8 9.8 FIX debian debian slesubuntu ubuntu apachenetapporacle 7y ago Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga…
CVE-2019-13117 medium 5.3 5.3 FIX slesdebian debianubuntu ubuntu xmlsoftoracle 7y ago In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte o…
CVE-2019-11068 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu xmlsoftoraclenetapp 7y ago RHSA-2020:4464: libxslt security update (Moderate)
CVE-2019-7317 medium 5.3 5.3 FIX arch arch slesdebian debian libpngoraclehp 7y ago png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2018-13785 medium 6.5 6.5 FIX slesdebian debianubuntu ubuntu libpngoracle 8y ago In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG fil…
CVE-2018-3639 medium 5.5 6.5 EXPFIX slesdebian debian rhel intelarmredhat 8y ago Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of i…
CVE-2017-5753 medium 5.6 6.6 EXPFIX arch arch slesdebian debian inteloraclesynology 9y ago Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2013-4578 medium 5.3 5.3 oracle 9y ago jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper fi…
CVE-2017-17740 high 7.5 7.5 slesdebian debiansuse suse openldaporaclemcafee 9y ago contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows r…
CVE-2017-15708 critical 9.8 9.8 apacheoracle 9y ago Remote Code Execution in Apache Synapse