37 matches found
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: JAXP. The supported versions affected by this vulnerability include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily...
PT-2026-38852
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...
BIT-JAVA-MIN-2021-35556
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
EUVD-2026-24457
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...
CVE-2026-34298
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Application...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...
Linux Distros Unpatched Vulnerability : CVE-2020-2583
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u23...
Linux Distros Unpatched Vulnerability : CVE-2021-35618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.26 and prior. Difficult to...
CVE-2024-21281
Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applications component: Infrastructure. The supported version that is affected is 14.7.0.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise...
AZL-49936 CVE-2024-21096 affecting package mariadb for versions less than 10.11.10-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to...
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to cause a partial service outage.
The vulnerability of the Analytics Server component of the Oracle Business Intelligence Enterprise Edition software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause a partial service outage...
SUSE CVE-2018-3214
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2022-21590
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Core Formatting API. Supported versions that are affected are 5.9.0.0, 6.4.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to cause partial service interruptions.
The vulnerability of the MySQL Server component’s Security: Encryption module is related to errors in resource release. Exploiting this vulnerability can allow an attacker to cause a partial service outage...
OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
CVE-2021-44160
Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the...
OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.50 and prior 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Client accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Client. CVSS 3.1 Base Score 4.2 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L).
...
CVE-2021-2033
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core Components. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...