EUVD-2025-35256

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Miscellaneous. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

EUVD-2025-35258

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with...

EUVD-2025-35261

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15...

EUVD-2025-35270

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications...

EUVD-2025-35274

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

CVE-2025-53057

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 and 21.0.8; Oracl...

EUVD-2025-35278

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Object and Environment Tech. Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

EUVD-2025-35279

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2025-35280

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

EUVD-2025-35281

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

EUVD-2025-35298

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2025-10639

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

CVE-2025-10641 Unencrypted cleartext communication in EfficientLab WorkExaminer Professional

All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...

Rockwell Automation 1783-NATR

RISK EVALUATION Successful exploitation of these vulnerabilities could result in a denial-of-service, data modification, or in an attacker obtaining sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other functions. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

Oracle Essbase 安全漏洞

Oracle Essbase is an application from Oracle Corporation USA. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase version 21.7.3.0.0, which originates from an HTTP...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server for Java VM versions 19.3 through 19.28,...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated suite of global business management software from Oracle Corporation USA. The software provides customer relationship management, service management, financial management, and more. iStore is one of the e-business applications that enable merchants to...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, supplier relationship management, and other capabilities.PeopleSoft Enterprise PeopleTools is one of the tools and...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Workflow for Oracle E-Business...