CVE-2026-34269

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

CVE-2026-21943

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

CVE-2021-2078

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

VulnCheck KEV: CVE-2024-21136

Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications component: Security. Supported versions that are affected are 19.0.5, 20.0.3, 20.0.4, 22.0.0 and 23.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2023-22121

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 14.5-14.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2025-31161

CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account unless a DMZ proxy instance is used, as exploited in the wild in March and April 2025, aka “Unauthenticated HTTPS port access.” A race condition exists in the AWS4-HMAC compatible wi...

CVE-2024-21043

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2023-22107

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite component: UI Components. Supported versions that are affected are ECC: 8, 9 and 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

CVE-2021-35687

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Unified Metadata Manager. Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2021-2256

Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2854

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced...

CVE-2019-2965

Vulnerability in the Siebel Core - DB Deployment and Configuration product of Oracle Siebel CRM component: Install - Configuration. Supported versions that are affected are 19.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2876

Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications subcomponent: RIB KernalApache Commons Collections. The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

CVE-2018-2651

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: XML Publisher. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2017-10385

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...

CVE-2017-3405

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2016-8282

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Product / Instrument Search. Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network acces...