Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2023-21988

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Buffer overflow

Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications component: Routing Hub. Supported versions that are affected are 14.5, 14.6 and 14.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Code injection

Vulnerability in the Oracle Solaris product of Oracle Systems component: Core. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

Buffer overflow

Vulnerability in Oracle SQL Developer component: Installation. Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Buffer overflow

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Buffer overflow

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Native Image. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the...

Design/Logic Flaw

Vulnerability in the Oracle User Management product of Oracle E-Business Suite component: Proxy User Delegation. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle User...

CVE-2023-22001

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2023-21991

Summary: CVE-2023-21991 affects Oracle VM VirtualBox (Core). The vulnerability is present in supported VirtualBox versions prior to 6.1.44 and prior to 7.0.8. It enables a high-privilege attacker with local logon to the host to compromise VirtualBox, with potential unauthorized read access to a s...

CVE-2023-21989

CVE-2023-21989 affects Oracle VM VirtualBox (Core) in Oracle Virtualization. Affected versions are prior to 6.1.44 and prior to 7.0.8. The issue is described as easily exploitable, allowing a high-privileged attacker with local logon to the host running VirtualBox to compromise the VirtualBox com...

CVE-2023-21988

CVE-2023-21988 affects Oracle VM VirtualBox Core. Affected: Oracle VM VirtualBox prior to 6.1.44 and prior to 7.0.8. Exploitation is described as local, with a low-privileged user who can log on to the host, potentially leading to unauthorized read access to a subset of VirtualBox data. The vulne...

CVE-2023-21982

CVE-2023-21982 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions include 8.0.32 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to cause the server to hang or crash (DoS). Several connected sources corroborate...

CVE-2023-21982

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21979

Oracle WebLogic Server (Core) vulnerability CVE-2023-21979 affects Oracle Fusion Middleware WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. An unauthenticated attacker can exploit over T3 to access or exfiltrate data, per multiple sources in the connected documents. The issue is a...