Oracle WebLogic Server Multiple Vulnerabilities (April 2026 CPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that...

CVE-2021-2250

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

EUVD-2017-12724

Malware in sbrugna...

CVE-2024-21107

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

CVE-2022-21571

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

CVE-2022-39421

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.40. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

Design/Logic Flaw

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM...

SUSE CVE-2017-10067

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

SUSE CVE-2018-3295

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

SUSE CVE-2020-2674

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ...

SUSE CVE-2022-21363

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

CVE-2022-21558

Vulnerability in the Oracle Crystal Ball product of Oracle Construction and Engineering component: Installation. Supported versions that are affected are 11.1.2.0.000-11.1.2.4.900. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle...

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior 7.5.24 and prior 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

...

AZL-7695 CVE-2022-21279 affecting package mysql for versions less than 8.0.28-1

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

CVE-2020-14878

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: LDAP Auth. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware...

Cross site request forgery (csrf)

Some Xerox printers such as the Phaser 3320 V53.006.16.000 did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device...

CVE-2018-3057

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun...

CVE-2018-2811

Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE...

CVE-2017-3511

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to th...

Century-web news management system V2. 0 Upload vulnerability-vulnerability warning-the black bar safety net

This is the Black base original, 本人邮箱[email protected] the. If you think writing is nonsense, need to reprint, please indicate the author is fengskier, the copyright belongs to the hacker base. Thank you. A few days ago wrote an article the server to the Processor, the look you want, from...