Design/Logic Flaw

Vulnerability in the Oracle Web Analytics product of Oracle E-Business Suite component: Admin. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Analytics. Successful attack...

Design/Logic Flaw

Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite component: Content Item Manager. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Content Manager...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

CVE-2021-35567

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attack...

Code injection

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attack...

CVE-2021-35584

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: ndbcluster/plugin DDL. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...

Code injection

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: ndbcluster/plugin DDL. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...

Buffer overflow

Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via...

Design/Logic Flaw

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS...

Code injection

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2021-35659

Oracle Outside In Technology’s Outside In Filters in firmware 8.5.5 is affected by CVE-2021-35659, allowing unauthenticated network access to cause a denial-of-service (hang/crash). The issue is referenced across multiple sources (IBM DOORS Next advisories and NVD/NCSC/CNVD entries), with a base ...

CVE-2021-35658

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2021-35653

Vulnerability in the Essbase Administration Services product of Oracle Essbase component: EAS Console. The supported versions that are affected are Prior to 11.1.2.4.046 and Prior to 21.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVE-2021-35650

CVE-2021-35650 affects Oracle Secure Global Desktop (Oracle Virtualization), component: Client, version 5.6. The vulnerability is exploitable by a low-privileged user with network access via multiple protocols; exploitation requires user interaction and can grant unauthorized read access to a dat...

CVE-2021-35649

CVE-2021-35649 affects Oracle Secure Global Desktop (Server component) in Oracle Virtualization, with affected version 5.6. The vulnerability allows a low-privilege, network-accessing attacker to read a subset of data and cause partial denial of service. CVSS 3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U...

CVE-2021-35648

CVE-2021-35648 affects Oracle MySQL Server (Server: FTS) prior to 8.0.28-1, allowing a high-privileged attacker with network access to cause a denial-of-service (hang/crash) via the FTS path. Affected versions include 8.0.26 and earlier. Remediation noted in connected data: upgrade to 8.0.28-1 or...

CVE-2021-35646

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2021-35646

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2021-35645

CVE-2021-35645 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.26 and earlier. Vulnerability allows a high-privilege attacker with network access (via multiple protocols) to cause a hang or crash (DoS) of MySQL Server. Remediation shown in connected advisories: upgrade to ...