Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/07/06 8:38 a.m.37 views

CVE-2026-24013 Apache IoTDB: Authentication Bypass via Forged SessionID in Thrift RPC

Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query handlers lack strict validation of the sessionId parameter. An attacker can construct requests with a forged sessionId and, without performing openSession authentication, receive valid query results. This...

0.00471EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:53 a.m.10 views

CVE-2026-46770

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.11 views

Oracle Health Sciences Applications security vulnerabilities

Oracle Health Sciences Applications is a clinical research and development solution developed by Oracle Corporation for the healthcare industry in the United States. Version 7.0.1.0 of Oracle Life Sciences Central Designer in Oracle Health Sciences Applications contains a security vulnerability...

6.5CVSS7.1AI score0.00222EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

Oracle Java SE 安全漏洞

Oracle Java SE is a U.S. Oracle Corporation for the development and deployment of Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle GraalVM for JDK versions 17.0.16 and 21.0.8 for Oracle Java SE, which stems from a...

3.7CVSS7.1AI score0.00239EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.6 views

Oracle Fusion Middleware 授权问题漏洞

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

6.1CVSS7.2AI score0.00238EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/07 12:0 a.m.6 views

The vulnerability of the Web Server component of the Oracle BI Publisher software, which allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the Web Server component of the Oracle BI Publisher software for report creation is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

5.5CVSS6.6AI score0.00308EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/10/18 9:15 p.m.6 views

CVE-2022-21629

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...

5.4CVSS5.8AI score0.00422EPSS
Exploits0References1
OSV
OSV
added 2022/07/19 10:15 p.m.3 views

CVE-2022-21555

Vulnerability in the MySQL Shell for VS Code product of Oracle MySQL component: Shell: GUI. Supported versions that are affected are 1.1.8 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Shell for VS Code executes to...

4.2CVSS5.8AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2022/01/19 12:15 p.m.5 views

CVE-2022-21259

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...

6.1CVSS6.8AI score0.00946EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/10/27 12:52 a.m.5 views

OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS7.4AI score0.02463EPSS
Exploits0References4
CNVD
CNVD
added 2020/07/16 12:0 a.m.3 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-41456)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Information Schema component of MySQL Server 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and...

4.3CVSS7.9AI score0.01919EPSS
Exploits0References1
OSV
OSV
added 2018/10/17 1:31 a.m.5 views

CVE-2018-3205

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Workflow. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...

6.1CVSS7.3AI score0.01563EPSS
Exploits0References3
OSV
OSV
added 2018/08/02 12:29 p.m.6 views

CVE-2018-2933

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP t...

4.9CVSS7.3AI score0.00987EPSS
Exploits2References3
OSV
OSV
added 2017/04/24 7:59 p.m.4 views

CVE-2017-3507

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware subcomponent: Web Console Design. Supported versions that are affected are 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HT...

7.3CVSS5.8AI score0.01665EPSS
Exploits0References3
CNVD
CNVD
added 2017/01/20 12:0 a.m.7 views

Oracle FLEXCUBE Investor Servicing Remote Vulnerability

Oracle Financial Services Applications is Oracle's suite of financial services software for core banking, online banking and asset management. Oracle FLEXCUBE Investor Servicing is one of the components that provides life-cycle processing of cross-business hedge funds, mutual funds and unit-linke...

5.5CVSS6.7AI score0.0105EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/20 12:0 a.m.6 views

Unspecified Vulnerability in Oracle Sun Systems Products Suite Solaris Cluster Component (CNVD-2016-09693)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Solaris Cluster is one of the enterprise cluster components for the Oracle Sun Solaris operating system. A local security vulnerability exists in the Cluster Geo subcomponent of the Solaris Cluster...

3.3CVSS6.6AI score0.00369EPSS
Exploits0References1
Rows per page
Query Builder