CVE-2021-2434

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2021-2254

Vulnerability in the Oracle Project Contracts product of Oracle E-Business Suite component: Hold Management. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Project Contracts...

CVE-2021-2317

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2021-2263

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite component: Intelligence, RFx. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Sourcing. Successful...

CVE-2021-2137

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Oracle Essbase Multiple Vulnerabilities (October 2025 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the October 2025 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Security and Provisioning Bouncy Castle Java Library. The supported version that is...

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in Oracle PeopleSoft Specifically for versions 8.60, 8.61, 8.62 and 9.2. The vulnerabilities in Oracle PeopleSoft allow attackers to gain unauthorized access to sensitive data and can lead to data manipulation. This includes vulnerabilities that allow both low- an...

CVE-2025-61756

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: System Configuration. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated...

CVE-2025-62480

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Naming Subsystem. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

CVE-2025-62479

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Block Storage. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

CVE-2025-61764

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2025-62475

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Core. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful...

CVE-2025-62477

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Remote Replication. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Ki...

CVE-2025-53048

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Rich Text Editor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2025-53071

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Upload Attachments. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2025-61751

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2025-53041

Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Shopping Cart. Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks...

CVE-2025-53035

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2025-53037

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2025-53043

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite component: Item Catalog. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Product Hub. Successful...