CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3464 matches found

Vulnerabilities in Oracle Database Server

Oracle has identified vulnerabilities in Oracle REST Data Services versions 24.2.0 to 26.1.0 and Oracle Database Server versions 23.4.0 to 23.26.2. The vulnerabilities in Oracle REST Data Services allow attackers with low privileges and network access via HTTPS to perform various actions without...

10CVSS5.9AI score0.00056EPSS

Exploits2References1

NVD•added last week•5 views

CVE-2026-46835

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this vulnerability can resul...

7.5CVSS0.00052EPSS

Exploits0References1

NVD•added last week•9 views

CVE-2026-46834

7.5CVSS0.00052EPSS

Exploits0References1

NVD•added last week•6 views

CVE-2026-46833

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. While the vulnerability is in Net Service, attac...

9CVSS0.00056EPSS

Exploits0References1

EUVD•added last week•4 views

EUVD-2026-33014

7.5CVSS5.8AI score0.00052EPSS

Exploits0References1

EUVD•added last week•6 views

EUVD-2026-33013

9CVSS5.8AI score0.00056EPSS

Exploits0References1

EUVD•added last week•5 views

EUVD-2026-33015

7.5CVSS5.8AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2026/05/28 12:0 a.m.•6 views

PT-2026-44528

7.5CVSS5.8AI score0.00052EPSS

Exploits0References2

CNNVD•added 2026/05/28 12:0 a.m.•4 views

Oracle Database Server Net Service 安全漏洞

Oracle Database Server Net Service is a database network communication and connection management service component provided by Oracle Corporation. Versions 23.4.0 to 23.26.2 of Oracle Database Server Net Service contain security vulnerabilities. These vulnerabilities stem from issues with the Net...

7.5CVSS5.8AI score0.00052EPSS

Exploits0References1

CNNVD•added 2026/05/28 12:0 a.m.•5 views

Oracle Database Server Net Service 安全漏洞

7.5CVSS5.8AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44526

9CVSS5.8AI score0.00056EPSS

Exploits0References3

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44527

7.5CVSS5.8AI score0.00052EPSS

Exploits0References2

CNNVD•added 2026/05/28 12:0 a.m.•3 views

Oracle REST Data Services 安全漏洞

Oracle REST Data Services is a middleware tool provided by Oracle Corporation in the United States, which exposes features of the Oracle database to applications through RESTful APIs. Versions 24.2.0 to 26.1.0 of Oracle REST Data Services have security vulnerabilities. These vulnerabilities stem...

7.5CVSS5.8AI score0.00052EPSS

Exploits0References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017668)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017668 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easily...

4CVSS6.7AI score0.00318EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017701 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...

4.9CVSS6.7AI score0.00989EPSS

Exploits0References4

ATTACKERKB•added 2026/05/06 4:44 p.m.•2 views

CVE-2026-29080

A SQL injection vulnerability in FilterEngine.createsqlaquery allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint GET /dids//dids/search. On Oracle deployments attacker-controlled filter keys and values are interpolated directl...

9.4CVSS6AI score0.00048EPSS

Exploits0References2Affected Software1

Github Security Blog•added 2026/05/06 4:42 p.m.•5 views

Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API

Summary A SQL injection vulnerability in the Oracle path of FilterEngine.createsqlaquery allows any authenticated Rucio user to execute arbitrary SQL against the backend database through the DID search endpoint GET /dids//dids/search. Attacker-controlled filter keys and values are interpolated...

9.4CVSS6.5AI score0.00048EPSS

Exploits0References3Affected Software1

OSV•added 2026/05/06 4:42 p.m.•3 views

GHSA-VJR5-C9QV-HGM3 Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API

9.9CVSS6.5AI score0.00048EPSS

Exploits0References3

NVD•added 2026/05/06 8:16 a.m.•3 views

CVE-2026-23927

A user able to connect to Agent 2 can inject an Oracle TNS connection string via the 'service' parameter. This can lead to Agent 2 connecting to an attacker-controlled server and leaking Oracle database credentials if they are saved in a named session...

5CVSS0.00047EPSS

Exploits0References1

RedhatCVE•added 2026/05/05 8:21 p.m.•4 views

CVE-2026-42233

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database node's select operation allowed user-controlled input passed into the Limit field via expressions to be interpolated directly into the SQL query without sanitization o...

9.8CVSS5.9AI score0.00055EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by