Code injection

Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...

Design/Logic Flaw

Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle Fusion Middleware component: NextGen Installer issues. Supported versions that are affected are Prior to 13.9.4.2.11. Easily exploitable vulnerability allows low privileged attacker with logon to the...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

Design/Logic Flaw

Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications component: Admin Configuration. The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of...

CVE-2023-21865

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21870

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

RHEL 9 : java-11-openjdk (RHSA-2023:0202)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0202 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

CVE-2023-21894

CVE-2023-21894 affects Oracle Global Lifecycle Management NextGen OUI Framework (NextGen Installer issues). Public sources indicate a input-validation weakness in the NextGen Installer component that can be exploited by a low-privileged user with logon to the host running the framework; exploitat...

CVE-2023-21891

Oracle BI Enterprise Edition (Oracle Fusion Middleware) Visual Analyzer contains an input-validation flaw that allows a low-privileged, network-facing attacker to access or modify data via HTTP. Affected versions are 5.9.0.0.0 through 6.4.0.0.0; successful attempts may update/insert/delete data a...

CVE-2023-21887

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2023-21884

CVE-2023-21884 affects Oracle VM VirtualBox (Core) where affected versions are prior to 6.1.42 and prior to 7.0.6. An attacker with local logon and high privileges can cause a hang or frequent crashes (DoS) of VirtualBox. Multiple connected advisories corroborate the same fixed versions: upgrade ...

CVE-2023-21882

CVE-2023-21882 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.31 and earlier. attacker with network access via multiple protocols can compromise data integrity (unauthorized updates) with high privileges and no user interaction. Root cause: Server: Optimizer vulnerability. R...

CVE-2023-21883

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21880

CVE-2023-21880 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.31 and earlier. The described impact is the attacker, with network access via multiple protocols and with high privileges, can cause a hang or frequent crashes (DoS) and may achieve unauthorized update/insert/delete on...

CVE-2023-21878

CVE-2023-21878 affects MySQL Server (component: Server: Optimizer) with affected versions 8.0.31 and earlier. The vulnerability allows an attacker with network access (via multiple protocols) to potentially cause a hang or frequent crash (DoS). Public advisories in connected docs show remediation...

CVE-2023-21878

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21872

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...