CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2023/10/17 10:15 p.m.•13 views

Design/Logic Flaw

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 12.3, 12.4, 14.0-14.3 and 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via...

4.9CVSS5.2AI score0.00098EPSS

Prion•added 2023/10/17 10:15 p.m.•20 views

Design/Logic Flaw

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...

5.8CVSS5.9AI score0.0019EPSS

Prion•added 2023/10/17 10:15 p.m.•67 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Prion•added 2023/10/17 10:15 p.m.•23 views

Design/Logic Flaw

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful...

7.5CVSS9.4AI score0.00661EPSS

Prion•added 2023/10/17 10:15 p.m.•54 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

Prion•added 2023/10/17 10:15 p.m.•58 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Prion•added 2023/10/17 10:15 p.m.•15 views

Design/Logic Flaw

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: UI Components. Supported versions that are affected are ECC: 8, 9 and 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

5.8CVSS5.9AI score0.00106EPSS

Prion•added 2023/10/17 10:15 p.m.•23 views

Code injection

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

5.8CVSS5.8AI score0.00192EPSS

Prion•added 2023/10/17 10:15 p.m.•65 views

Code injection

Prion•added 2023/10/17 10:15 p.m.•13 views

Code injection

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

5.4CVSS5.2AI score0.00052EPSS

UbuntuCve•added 2023/10/17 10:15 p.m.•65 views

CVE-2023-22067

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...

5.3CVSS6.4AI score0.00172EPSS

Exploits0References4

CVE•added 2023/10/17 9:3 p.m.•75 views

CVE-2023-22129

CVE-2023-22129 affects Oracle Solaris 11 kernel on SPARC systems. The vulnerability allows a low-privilege user with logon to the host to cause a hang or frequently repeatable crash (DoS) of Oracle Solaris, with impact on availability and no confidentiality/integrity impact per the CVSS data. Con...

5.5CVSS5.2AI score0.00034EPSS

CVE•added 2023/10/17 9:3 p.m.•55 views

CVE-2023-22127

CVE-2023-22127 affects Oracle Outside In Technology (Content Access SDK, Image Export SDK, PDF Export SDK, and HTML Export SDK) in Oracle Fusion Middleware, specifically version 8.5.6. The vulnerability allows a low-privileged, network-accessible attacker over HTTP to read data, perform unauthori...

6.3CVSS5.9AI score0.00093EPSS

Debian CVE•added 2023/10/17 9:3 p.m.•24 views

CVE-2023-22115

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

4.9CVSS4.9AI score0.00074EPSS

Exploits0

Debian CVE•added 2023/10/17 9:3 p.m.•22 views

CVE-2023-22114

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS5.1AI score0.00074EPSS

Exploits0

CVE•added 2023/10/17 9:3 p.m.•387 views

CVE-2023-22112

CVE-2023-22112 concerns Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier. Exploitation requires remote authentication with network access; impact is availability: attacker can cause hang or complete DoS via multiple protocols. Several connected advisories (Debian, AlmaL...

4.9CVSS5.2AI score0.00074EPSS