Oracle Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Oracle MySQL Server822
Oracle VM VirtualBox299
Oracle WebLogic Server286
Oracle Java SE283
Oracle PeopleSoft Enterprise PeopleTools269

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix9964
Temporary Fix0
Workaround0
Unavailable0
Not Defined36

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High77
Functional0
Proof-of-Concept106
Unproven0
Not Defined9817

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical16
Local1067
Adjacent127
Network8790

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High1285
Low2169
None6546

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required2501
None7499

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤212
≤3101
≤4315
≤51062
≤61387
≤72082
≤82352
≤91335
≤101354

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤212
≤3130
≤4316
≤51058
≤62043
≤71726
≤82718
≤9766
≤101231

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤12
≤217
≤3112
≤4333
≤51064
≤61411
≤71895
≤82482
≤91282
≤101402

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤26
≤337
≤4209
≤5587
≤61021
≤71505
≤82047
≤9860
≤101399

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤22
≤361
≤463
≤5280
≤6361
≤7374
≤8401
≤9257
≤1064

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤12
≤211
≤345
≤4166
≤5514
≤6646
≤7780
≤8796
≤9697
≤10633

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k13
<2k64
<5k843
<10k2661
<25k4733
<50k474
<100k962
≥100k250

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k5971
<2k1433
<5k1247
<10k280
<25k932
<50k137
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (861): ADF (3), API Gateway (15), Access Manager (24), Adaptive Access Manager (3), Advanced Collections (1), Advanced Inbound Telephony (1), Advanced Outbound Telephony (13), Advanced Pricing (1), Advanced Supply Chain Planning (2), Advanced Support Gateway (1), Agile Engineering Data Management (31), Agile Material (1), Agile PLM (68), Agile PLM Framework (2), Agile PLM MCAD Connector (5), Agile Product Lifecycle Management Integration Pack for E-Business Suite (2), Agile Product Lifecycle Management Integration Pack for SAP: Design to Release (1), Agile Product Lifecycle Management for Process (9), Agile Recipe Management for Pharmaceuticals (3), Airlines Data Model (1), Analytics (30), Analytics Desktop (1), Application Express (2), Application Express Administration (1), Application Express Customers Plugin (1), Application Express Team Calendar Plugin (1), Application Management Pack for E-Business Suite (2), Application Management Pack for Utilities & Enterprise Taxation (1), Application Object Library (15), Application Performance Management (2), Application Performance Management (APM) (1), Application Server (4), Application Service Level Management (1), Application Session Controller (4), Application Testing Suite (41), Applications DBA (3), Applications Framework (18), Applications Manager (12), Applications Monitor (3), Applications Technology (1), Applications Technology Stack (2), Approvals Management (1), ArchivistaBox (1), Argus Analytics (1), Argus Insight (2), Argus Mart (1), Argus Safety (11), Asset Management (2), Asset Management (v1) (1), Audit Vault and Database Firewall (5), AutoVue (12), AutoVue 3D Professional Advanced (1), AutoVue VueLink Integration (1), Automatic Service Request (10), Autonomous Health Framework (1), Autovue for Agile Product Lifecycle Management (8), BAM (2), BAM (Business Activity Monitoring) (3), BI Publisher (68), BI Publisher (formerly XML Publisher) (3), Banking APIs (23), Banking Branch (15), Banking Cash Management (25), Banking Collections and Recovery (1), Banking Corporate Lending (31), Banking Corporate Lending Process Management (32), Banking Credit Facilities Process Management (34), Banking Deposits and Lines of Credit Servicing (10), Banking Digital Experience (34), Banking Electronic Data Exchange for Corporates (8), Banking Enterprise Collections (4), Banking Enterprise Default Management (16), Banking Enterprise Originations (4), Banking Enterprise Product Manufacturing (5), Banking Extensibility Workbench (8), Banking Liquidity Management (37), Banking Loans Servicing (5), Banking Origination (13), Banking Party Management (19), Banking Payments (39), Banking Platform (45), Banking Supply Chain Finance (36), Banking Trade Finance (25), Banking Trade Finance Process Management (31), Banking Treasury Management (16), Banking Virtual Account Management (28), Berkeley DB (23), Big Data Discovery (6), Big Data Graph (4), Big Data Spatial and Graph (6), Bill Presentment Architecture (1), Billing (6), Billing Analytics (1), Bills of Material (1), Blockchain Platform (22), Business Activity Monitoring (2), Business Activity Monitoring(BAM) (1), Business Intelligence Data Warehouse Administration Console (1), Business Intelligence Enterprise Edition (141), Business Process Management Suite (35), Business Transaction Management (2), CRM Gateway for Mobile Devices (3), CRM Technical Foundation (38), Cash Management (1), Category Management Planning (1), Clinical (2), Clinical Remote Data Capture (1), CloudForms Management Engine (1), Cloud Infrastructure Data Science Notebook Sessions (1), Cloud Infrastructure Storage Gateway (4), Cloud Services (2), Clusterware (4), Coherence (23), Collaboration (1), Collaborative Planning (2), Collateral Management (21), Commerce (2), Commerce Experience Manager (10), Commerce Guided Search (54), Commerce Merchandising (5), Commerce Platform (20), Commerce Service Center (2), Common Applications (9), Common Applications Calendar (8), Communications (14), Communications ASAP (5), Communications ASAP Cartridges (1), Communications Analytics (3), Communications Application Session Controller (17), Communications BRM (15), Communications BRM - Elastic Charging Engine (20), Communications BRM Elastic Charging Engine (4), Communications Billing (3), Communications Billing and Revenue Management (40), Communications Calendar Server (8), Communications Cloud Native Configuration Console (3), Communications Cloud Native Core Automated Test Suite (22), Communications Cloud Native Core Binding Support Function (73), Communications Cloud Native Core Console (38), Communications Cloud Native Core Network Data Analytics Function (3), Communications Cloud Native Core Network Exposure Function (29), Communications Cloud Native Core Network Function Cloud Native Environment (39), Communications Cloud Native Core Network Repository Function (45), Communications Cloud Native Core Network Slice Selection Function (20), Communications Cloud Native Core Policy (93), Communications Cloud Native Core Security Edge Protection Proxy (53), Communications Cloud Native Core Service Communication Proxy (21), Communications Cloud Native Core Unified Data Repository (46), Communications Contacts Server (9), Communications Control Plane Monitor (1), Communications Converged Application Server (7), Communications Converged Application Server - Service Controller (2), Communications Converged Application Server-Service Controller (1), Communications Converged Application Server Service Controller (1), Communications Convergence (14), Communications Convergent Charging Controller (13), Communications Core Session Manager (2), Communications Data Model (2), Communications Design Studio (16), Communications Diameter Intelligence Hub (11), Communications Diameter Signaling Router (85), Communications Diameter Signaling Router (DSR) (4), Communications EAGLE Application Processor (4), Communications EAGLE Element Management System (1), Communications EAGLE FTP Table Base Retrieval (3), Communications EAGLE LNP Application Processor (7), Communications EAGLE Software (3), Communications Elastic Charging Engine (5), Communications Element Manager (48), Communications Evolved Communications Application Server (8), Communications Fraud Monitor (2), Communications IP Service Activator (7), Communications Instant Messaging Server (22), Communications Interactive Session Recorder (15), Communications LSMS (7), Communications Messaging Server (36), Communications MetaSolv Solution (14), Communications Network Analytics Data Director (17), Communications Network Charging (5), Communications Network Charging and Control (15), Communications Network Integrity (18), Communications Network Intelligence (1), Communications Offline Mediation Controller (12), Communications Online Mediation Controller (1), Communications Operations Monitor (31), Communications Order (4), Communications Order and Service Management (12), Communications Performance Intelligence Center (PIC) Software (8), Communications Performance Intelligence Center Software (7), Communications Policy Management (35), Communications Pricing Design Center (30), Communications Security Gateway (2), Communications Service Broker (4), Communications Service Broker Engineered System Edition (2), Communications Service Catalog and Design (17), Communications Services Gatekeeper (21), Communications Session Border Controller (27), Communications Session Report Manager (50), Communications Session Route Manager (34), Communications Session Router (6), Communications Subscriber-Aware Load Balancer (4), Communications Unified Assurance (33), Communications Unified Inventory Management (44), Communications Unified Session Manager (6), Communications User Data Repository (16), Communications WebRTC Session Controller (28), Compensation Workbench (1), Complex Maintenance, Repair, and Overhaul (4), Concurrent Processing (1), Configuration (1), Configuration Manager (5), Configurator (7), Construction (10), Construction and Engineering (3), Content Manager (3), Control (5), Converged Application Server (1), Converged Application Server - Service Controller (1), Converged Commerce (1), Convergence (2), Crystal Ball (1), Customer Interaction History (8), Customer Management (6), Customers Online (1), Data Integrator (35), Data Masking (1), Data Visualization Desktop (1), Database (88), Database Enterprise Edition (1), Database Enterprise Edition RDBMS Security (1), Database Enterprise Edition Recovery (1), Database Enterprise Edition Sharding (1), Database Server (114), Deal Management (1), Demantra Demand Management (7), Deployment (4), Depot Repair (10), Diagnostic Assistant (2), Diameter Signaling Router (DSR) (3), Directory Server Enterprise Edition (3), Discovery (5), Documaker (19), Documaker Enterprise Edition (3), Document Management (1), Document Management and Collaboration (2), E-Business Intelligence (6), E-Business Suite (58), E-Business Suite Cloud Manager and Cloud Backup Module (1), E-Business Suite Information Discovery (2), E-Business Suite Secure Enterprise Search (1), E-Business Suite Technology Stack (1), E-Business Suite´┐Ż (7), E-Business Tax (1), E-Records (1), EAGLE (Software) (1), Email Center (17), Endeca Information Discovery Integrator (14), Endeca Information Discovery Studio (11), Endeca Server (9), Engineering (2), Engineering Data Management (1), Engineering Suite (10), Enterprise Asset Management (1), Enterprise Command Center Framework (3), Enterprise Communications Broker (19), Enterprise Data Quality (28), Enterprise Manager (2), Enterprise Manager Base Platform (100), Enterprise Manager Ops Center (56), Enterprise Manager for Database (9), Enterprise Manager for Exadata (2), Enterprise Manager for Fusion Applications (1), Enterprise Manager for Fusion Middleware (10), Enterprise Manager for MySQL Database (5), Enterprise Manager for Peoplesoft (4), Enterprise Manager for Storage Management (2), Enterprise Manager for Virtual Infrastructure (1), Enterprise Manager for Virtualization (8), Enterprise Operations Monitor (8), Enterprise Repository (26), Enterprise Session Border Controller (16), Enterprise Session Router (1), Enterprise Telephony Fraud Monitor (1), Equipment Management for Pharmaceuticals (1), Essbase (27), Essbase Analytic Provider Services (3), Ethernet Switch ES1-24 (1), Ethernet Switch ES2-64 (1), Ethernet Switch ES2-72 (1), Ethernet Switch TOR-72 (1), Explorer (1), FLEXCUBE Core Banking (16), FLEXCUBE Direct Banking (10), FLEXCUBE Enterprise Limits (21), FLEXCUBE Enterprise Limits and Collateral Management (2), FLEXCUBE Investor Servicing (42), FLEXCUBE Private Banking (63), FLEXCUBE Universal Banking (83), FMW Platform (3), Field Service (5), Financial Services - Regulatory Reporting for Reserve Bank of India - Lombard Risk Integration Pack (1), Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack (1), Financial Services Analytical Applications Infrastructure (76), Financial Services Analytical Applications Reconciliation Framework (4), Financial Services Asset Liability Management (9), Financial Services Balance Computation Engine (1), Financial Services Balance Sheet Planning (5), Financial Services Basel Regulatory Capital Basic (5), Financial Services Basel Regulatory Capital Internal Ratings Based Approach (5), Financial Services Behavior Detection Platform (23), Financial Services Compliance Regulatory Reporting (1), Financial Services Compliance Studio (4), Financial Services Crime and Compliance Investigation Hub (1), Financial Services Crime and Compliance Management Studio (24), Financial Services Currency Transaction Reporting (1), Financial Services Data Foundation (4), Financial Services Data Governance for US Regulatory Reporting (2), Financial Services Data Integration Hub (6), Financial Services Deposit Insurance Calculations for Liquidity Risk Management (2), Financial Services Enterprise Case Management (12), Financial Services Enterprise Financial Performance Analytics (3), Financial Services Foreign Account Tax Compliance Act Management (1), Financial Services Funds Transfer Pricing (12), Financial Services Hedge Management (8), Financial Services Hedge Management and IFRS Valuations (1), Financial Services Institutional Performance Analytics (7), Financial Services Lending (2), Financial Services Lending and Leasing (3), Financial Services Liquidity Risk Management (8), Financial Services Liquidity Risk Measurement (2), Financial Services Liquidity Risk Measurement and Management (2), Financial Services Loan Loss Forecasting (8), Financial Services Loan Loss Forecasting and Provisioning (2), Financial Services Market Risk (2), Financial Services Market Risk Measurement (7), Financial Services Market Risk Measurement and Management (4), Financial Services Model Management and Governance (25), Financial Services Price Creation (5), Financial Services Price Creation and Discovery (3), Financial Services Pricing Management (1), Financial Services Profitability Management (11), Financial Services Reconciliation Framework (2), Financial Services Regulatory Reporting (1), Financial Services Regulatory Reporting for De Nederlandsche Bank (1), Financial Services Regulatory Reporting for European Banking Authority (2), Financial Services Regulatory Reporting for European Banking Authority - Integration Pack for Lombard Risk (1), Financial Services Regulatory Reporting for US Federal Reserve (2), Financial Services Regulatory Reporting with AgileREPORTER (4), Financial Services Retail Customer Analytics (5), Financial Services Retail Performance Analytics (3), Financial Services Revenue Management (4), Financial Services Revenue Management and Billing (16), Financial Services Revenue Management and Billing Analytics (2), Financial Services Trade-Based Anti Money Laundering Enterprise Edition (10), Financials Common Modules (1), Forms (1), Fuel POS Software (7), Fujitsu M10-1 (19), Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers (4), Fujitsu M10-4 (19), Fujitsu M10-4S (19), Fujitsu M12-1 (20), Fujitsu M12-2 (20), Fujitsu M12-2S (12), Fujitsu M12-2S Servers (8), Fusion Middleware (14), Fusion Middleware MapViewer (25), General Ledger (4), GlassFish Open Source Edition (1), GlassFish Server (10), GlassFish Server Open Source Edition (3), Global Lifecycle Management (2), Global Lifecycle Management NextGen OUI Framework (7), Global Lifecycle Management OPatch (3), Global Lifecycle Management OPatchAuto (1), Global Order Promising (1), GoldenGate (16), GoldenGate Application Adapter (2), GoldenGate Application Adapters (9), GoldenGate Big Data (2), GoldenGate Stream Analytics (6), GoldenGate Studio (3), GoldenGate Veridata (4), GoldenGate for Big Data (1), Goldengate (1), GraalVM Enterprise Edition (38), GraalVM for JDK (5), Graph Server and Client (7), HCM Common Architecture (1), HRMS (France) (1), HTTP Server (58), Hardware Management Pack (2), Health Sciences Central Coding (1), Health Sciences Clinical Development Analytics (1), Health Sciences Data Management Workbench (7), Health Sciences Empirica Inspections (3), Health Sciences Empirica Signal (8), Health Sciences InForm (9), Health Sciences InForm CRF Submit (1), Health Sciences InForm Publisher (1), Health Sciences Information Manager (8), Health Sciences Sciences Data Management Workbench (1), Healthcare Data Repository (13), Healthcare Foundation (11), Healthcare Master Person Index (11), Healthcare Translational Research (17), Helidon (3), Help Technologies (1), Hospitality 9700 (2), Hospitality Cruise AffairWhere (2), Hospitality Cruise Dining Room Management (4), Hospitality Cruise Fleet Management (14), Hospitality Cruise Fleet Management System (5), Hospitality Cruise Materials Management (4), Hospitality Cruise Shipboard Property Management System (20), Hospitality Gift (4), Hospitality Gift and Loyalty (1), Hospitality Guest Access (27), Hospitality Hotel Mobile (6), Hospitality Inventory Management (5), Hospitality Labor Management (2), Hospitality Materials Control (6), Hospitality OPERA 5 (10), Hospitality OPERA 5 Property Services (18), Hospitality Property Interfaces (2), Hospitality RES 3700 (5), Hospitality Reporting (30), Hospitality Reporting and Analytics (8), Hospitality Simphony (30), Hospitality Simphony First Edition (5), Hospitality Simphony First Edition Venue Management (1), Hospitality Suite (1), Hospitality Suite8 (23), Hospitality Suites Management (2), Hospitality Token Proxy Service (3), Hospitality WebSuite8 Cloud Service (3), Hospitality e7 (3), Human Resources (8), Hyperion (9), Hyperion Analytic Provider Services (2), Hyperion BI+ (10), Hyperion Calculation Manager (3), Hyperion Data Relationship Management (7), Hyperion Enterprise Performance Management Architect (1), Hyperion Essbase (4), Hyperion Essbase Administration Services (3), Hyperion Financial Close Management (3), Hyperion Financial Data Quality Management (1), Hyperion Financial Management (6), Hyperion Financial Reporting (12), Hyperion Infrastructure Technology (25), Hyperion Lifecycle Management (2), Hyperion Planning (11), Hyperion Profitability and Cost Management (1), Hyperion Tax Provision (1), Hyperion Workspace (2), IFRS Valuations (8), Identity Analytics (3), Identity Management Suite (4), Identity Manager (19), Identity Manager Connector (10), In-Memory Performance-Driven Planning (1), Incentive Compensation (2), Installed Base (10), Instant Messaging Server (2), Instantis EnterpriseTrack (31), Insurance Accounting Analyzer (4), Insurance Allocation Manager for Enterprise Profitability (4), Insurance Calculation Engine (8), Insurance Data Foundation (3), Insurance Data Gateway (4), Insurance IFRS 17 Analyzer (2), Insurance Insbridge Rating (1), Insurance Insbridge Rating and Underwriting (7), Insurance Istream (1), Insurance Performance Insight (2), Insurance Policy Administration (15), Insurance Policy Administration J2EE (12), Insurance Policy Administration Operational Data Store for Life and Annuity (5), Insurance Rules Palette (14), Integrated Lights Out Manager (6), Integrated Lights Out Manager (ILOM) (2), Interaction Center Intelligence (2), Interactive Session Recorder (2), Internet Directory (4), Internet Expenses (3), JD Edwards EnterpriseOne Orchestrator (23), JD Edwards EnterpriseOne Tools (114), JD Edwards World Security (11), JD Edwards World Technical Foundation (1), JDK (1), JDeveloper (20), JDeveloper and ADF (1), Java Advanced Management Console (6), Java ME SDK (1), Java SE (283), Java VM (1), Knowledge (16), Knowledge Management (9), Labor Distribution (1), Landed Cost Management (1), Learning Management (2), Lease and Finance Management (1), Leasing (2), Legal Entity Configurator (1), Life Sciences InForm (1), Life Sciences InForm Publisher (1), Linux (2), Linux UEK (1), Load (2), Loans (1), Loyalty (4), M7 (1), M10-1 (2), M10-4 (2), M10-4S (2), M12-1 (2), M12-2 (2), M12-2S (2), M3000 (1), M4000 (2), M5000 (2), M8000 (2), M9000 (1), M9000 Servers (1), MES for Process Manufacturing (1), MICROS 700 Series Tablet (2), MICROS BellaVita (1), MICROS Compact Workstation 3 (1), MICROS ES400 Series (1), MICROS Handheld Terminal (4), MICROS Kitchen Display Controller (1), MICROS Kitchen Display System Hardware (1), MICROS Lucas (5), MICROS PC Workstation 2015 (3), MICROS Relate CRM Software (10), MICROS Retail-J (7), MICROS Retail XBRi Loss Prevention (7), MICROS Workstation 5A (1), MICROS Workstation 6 (5), MICROS Workstation 650 (2), MICROS XBR (2), MICROS XBRi (1), MICROS Xstore Payment (1), Managed File Transfer (18), Management (9), Management Cloud Engine (8), Management Pack for GoldenGate (4), MapViewer (1), Marketing (37), Marketing Encyclopedia System (1), Messaging Server (1), Middleware Common Libraries and Tools (39), Mobile Field Service (4), Mobile Security Suite (3), MySQL (2), MySQL Client (12), MySQL Cluster (85), MySQL Connectors (46), MySQL Enterprise Backup (6), MySQL Enterprise Monitor (76), MySQL Installer (2), MySQL Server (822), MySQL Shell (5), MySQL Shell for VS Code (1), MySQL Workbench (40), NetSuite (2), NoSQL Database (8), OPatch (1), OSS Support Tools (26), One-to-One Fulfillment (22), Online Mediation Controller (2), OpenGrok (1), OpenJDK (1), OpenSSO (1), Operational Analytics (2), Operations Intelligence (1), Optimization (2), Order Management (1), Outside In Technology (161), Partner Management (6), Payables (2), Payment Interface (2), PeopleSoft (1), PeopleSoft Enterprise CC Common Application Objects (5), PeopleSoft Enterprise CS Academic Advisement (3), PeopleSoft Enterprise CS Campus Community (6), PeopleSoft Enterprise CS Financial Aid (1), PeopleSoft Enterprise CS SA Integration Pack (2), PeopleSoft Enterprise CS Student Records (1), PeopleSoft Enterprise Common Components (1), PeopleSoft Enterprise ELM (1), PeopleSoft Enterprise ELM Enterprise Learning Management (1), PeopleSoft Enterprise FIN Cash Management (1), PeopleSoft Enterprise FIN Common Application Objects (1), PeopleSoft Enterprise FIN Expenses (3), PeopleSoft Enterprise FIN Install (2), PeopleSoft Enterprise FIN Payables (1), PeopleSoft Enterprise FIN Project Costing (1), PeopleSoft Enterprise FIN Receivables (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Argentina (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Brazil (1), PeopleSoft Enterprise FSCM (8), PeopleSoft Enterprise HCM (3), PeopleSoft Enterprise HCM Absence Management (1), PeopleSoft Enterprise HCM Candidate Gateway (1), PeopleSoft Enterprise HCM Global Payroll Core (1), PeopleSoft Enterprise HCM Global Payroll Switzerland (2), PeopleSoft Enterprise HCM Human Resources (9), PeopleSoft Enterprise HCM Shared Components (2), PeopleSoft Enterprise HCM Talent Acquisition Manager (1), PeopleSoft Enterprise HCM eProfile Manager Desktop (1), PeopleSoft Enterprise HRMS (3), PeopleSoft Enterprise Interaction Hub (1), PeopleSoft Enterprise PRTL Interaction Hub (16), PeopleSoft Enterprise PT PeopleTools (17), PeopleSoft Enterprise PeopleTools (269), PeopleSoft Enterprise SCM (1), PeopleSoft Enterprise SCM Purchasing (5), PeopleSoft Enterprise SCM Service Procurement (1), PeopleSoft Enterprise SCM Strategic Sourcing (1), PeopleSoft Enterprise SCM eBill Payment (1), PeopleSoft Enterprise SCM eProcurement (6), PeopleSoft Enterprise SCM eSupplier Connection (2), PeopleSoft HRMS (1), PeopleSoft PeopleTools (1), Performance Management (1), Platform Security for Java (1), Policy Automation (11), Policy Automation Connector for Siebel (5), Policy Automation for Mobile Devices (5), Primavera Analytics (2), Primavera Data Warehouse (1), Primavera Gateway (47), Primavera P6 Enterprise Project Portfolio Management (42), Primavera P6 Professional Project Management (1), Primavera Portfolio Management (13), Primavera Unifier (79), Product Hub (1), Product Lifecycle Analytics (9), Project Contracts (1), Project Costing (1), Projects (1), Provisioning (8), Public Sector Financials International (1), Purchasing (1), Quoting (2), REST Data Services (15), Rapid Planning (17), Real-Time Decision Server (6), Real-Time Decisions (RTD) Solutions (2), Real-Time Scheduler (3), Real User Experience Insight (5), Receivables (1), Reports Developer (3), Retail Advanced Inventory Planning (11), Retail Advanced Science Engine (1), Retail Allocation (5), Retail Analytic Parameter Calculator - RO (2), Retail Analytics (2), Retail Assortment Planning (19), Retail Back Office (22), Retail Bulk Data Integration (13), Retail Category Management (1), Retail Category Management Planning (1), Retail Category Management Planning & Optimization (1), Retail Central Office (20), Retail Clearance Optimization Engine (8), Retail Convenience (7), Retail Convenience Store Back Office (1), Retail Customer Engagement (3), Retail Customer Insights (13), Retail Customer Management (18), Retail Customer Management and Segmentation Foundation (33), Retail Data Extractor for Merchandising (3), Retail Demand Forecasting (1), Retail EFTLink (12), Retail Extract Transform (2), Retail Extract Transform and Load (5), Retail Financial Integration (21), Retail Fiscal Management (6), Retail Fusion Platform (1), Retail Insights (2), Retail Insights Cloud Service Suite (1), Retail Integration Bus (36), Retail Invoice Matching (15), Retail Item Planning (3), Retail Macro Space Optimization (3), Retail Markdown Optimization (4), Retail Merchandise Financial Planning (3), Retail Merchandising Insights (1), Retail Merchandising System (29), Retail Open Commerce Platform (9), Retail Order Broker (40), Retail Order Broker Cloud Service (1), Retail Order Management System (5), Retail Order Management System Cloud Service (1), Retail Point-of-Sale (1), Retail Point-of-Service (17), Retail Point Of Service (1), Retail Predictive Application Server (26), Retail Price Management (6), Retail Pricing (1), Retail Regular Price Optimization (3), Retail Replenishment Optimization (3), Retail Returns Management (21), Retail Sales Audit (11), Retail Service Backbone (28), Retail Service Layer (1), Retail Size Profile Optimization (4), Retail Store Inventory (1), Retail Store Inventory Management (12), Retail Warehouse Management System (2), Retail Workforce Management (2), Retail Workforce Management Software (2), Retail XBRi Loss Prevention (1), Retail Xstore Office (4), Retail Xstore Office Cloud Service (2), Retail Xstore Payment (2), Retail Xstore Point of Service (68), Revenue Management (6), S7 (1), SD-WAN Aware (6), SD-WAN Edge (28), SOA Suite (15), SPARC Enterprise M3000 (2), SPARC Enterprise M4000 (1), SPARC Enterprise M5000 (1), SPARC Enterprise M8000 (1), SPARC Enterprise M9000 (1), SQL Developer (5), SQLcl (1), SYNEL (1), Sales Offline (4), Sales for Handhelds (1), Scripting (6), Secure Backup (7), Secure Enterprise Search (1), Secure Global Desktop (34), Security Service (8), Segmentation Foundation (24), Self-Service Human Resources (2), Service Architecture Leveraging Tuxedo (1), Service Bus (10), Service Contracts (2), Service Intelligence (1), Service Management (4), Services Tools Bundle (2), Shipping Execution (1), Siebel Apps (5), Siebel Apps - Marketing (5), Siebel Apps-Marketing (3), Siebel Apps Field Service (1), Siebel CRM (34), Siebel CRM Desktop (2), Siebel Core (4), Siebel Core-Automation (1), Siebel Core - Automation (1), Siebel Core-Common Components (2), Siebel Core - Common Components (1), Siebel Core - DB Deployment (1), Siebel Core-DB Deployment and Configuration (1), Siebel Core - Server BizLogic Script (1), Siebel Core - Server Framework (3), Siebel Core CRM (1), Siebel Engineering (1), Siebel Engineering - Installer (3), Siebel Engineering-Installer & Deployment (1), Siebel Engineering-Rel Eng (1), Siebel Engineering Installer (1), Siebel Industry-Life Sciences (1), Siebel Mobile App (1), Siebel Mobile Applications (1), Siebel UI Framework (34), Site Hub (1), Social Network (1), Solaris (143), Solaris Cluster (15), Sourcing (2), Spatial Studio (5), Spatial and Graph (1), Storage Cloud Software Appliance (2), StorageTek ACSLS (6), StorageTek Tape Analytics (2), StorageTek Tape Analytics SW Tool (12), Stream Analytics (3), Subledger Accounting (1), Subsetting (1), Sun Systems Products Suite (3), Sun ZFS Storage Appliance (1), Sun ZFS Storage Appliance Kit (18), Sun ZFS Storage Appliance Kit (AK) (12), SuperCluster Specific Software (2), System Utilities (1), T7 (1), Talent Acquisition Cloud (1), Taleo Platform (1), Tape Library ACSLS (9), Tape Virtual Storage Manager GUI (1), Tekelec HLR Router (1), Tekelec Platform Distribution (5), Tekelec Virtual Operating Environment (1), Territory Management (1), Thesaurus Management System (1), Time and Labor (4), TimesTen In-Memory Database (14), Trace File Analyzer (1), Trade Management (24), Traffic Director (2), Transfer Pricing Component (1), Transportation Execution (1), Transportation Management (32), Transportation Manager (1), Tuxedo (8), Tuxedo System (3), Underwriting (1), Unified (2), Unified Directory (3), Universal Work Queue (7), User Management (3), Utilities Advanced Spatial (2), Utilities Application Framework (9), Utilities Customer Self Service (1), Utilities Framework (34), Utilities Mobile Workforce Management (2), Utilities Network Management System (17), Utilities Testing Accelerator (23), Utilities Work (3), Utilties Application Framework (3), VM Server for SPARC (1), VM VirtualBox (299), Virtual Directory (3), Web Analytics (2), Web Applications Desktop Integrator (8), Web Cache (1), WebCenter Content (15), WebCenter Interaction (7), WebCenter Interaction Portal (1), WebCenter Portal (66), WebCenter Sites (59), WebCenter Sites Support Tools (1), WebLogic Portal (1), WebLogic Server (286), WebLogic Server Proxy Plug-In (2), Web Services (1), Web Services Manager (2), Weblogic Server Proxy Plug-in (1), Workflow (5), Work in Process (2), X86 Servers (1), ZFS Storage Appliance Kit (17), ZFS Storage Application Integration Engineering Software (1), iLearning (11), iPlanet Web Server (4), iProcurement (1), iReceivables (2), iRecruitment (2), iSetup (2), iStore (34), iSupplier Portal (4), iSupport (19)

Link to Vendor Website: https://www.oracle.com

PublishedBaseTempVulnerabilityProdExpRemCTIEPSSCVE
01/16/20245.45.3Oracle Utilities Network Management System NMS Monitor denial of serviceUnknownNot DefinedOfficial Fix0.000.00059CVE-2023-34462
01/16/20244.84.7Oracle Utilties Application Framework General input validationUnknownNot DefinedOfficial Fix0.040.00180CVE-2021-29425
01/16/20245.35.2Oracle Utilties Application Framework General information disclosureUnknownNot DefinedOfficial Fix0.030.00051CVE-2023-33201
01/16/20245.55.4Oracle Utilities Network Management System NMS Monitor denial of serviceUnknownNot DefinedOfficial Fix0.040.00044CVE-2022-40896
01/16/20245.55.4Oracle Utilities Network Management System NMS Monitor denial of serviceUnknownNot DefinedOfficial Fix1.010.00047CVE-2023-42503
01/16/20246.66.5Oracle Utilities Network Management System User Interface file accessUnknownNot DefinedOfficial Fix0.080.00045CVE-2023-2976
01/16/20246.86.7Oracle Utilties Application Framework User Interface denial of serviceUnknownNot DefinedOfficial Fix0.970.01484CVE-2020-7760
01/16/20242.32.2Oracle ZFS Storage Appliance Kit Core information disclosureUnknownNot DefinedOfficial Fix1.080.00043CVE-2024-20914
01/16/20243.83.7Oracle Solaris Filesystem information disclosureOperating SystemNot DefinedOfficial Fix1.280.00043CVE-2024-20920
01/16/20244.34.1Oracle ZFS Storage Appliance Kit Object Store information disclosureUnknownNot DefinedOfficial Fix0.050.00045CVE-2023-21833
01/16/20244.44.3Oracle ZFS Storage Appliance Kit Core denial of serviceUnknownNot DefinedOfficial Fix1.120.00043CVE-2024-20959
01/16/20244.84.7Oracle Integrated Lights Out Manager System Management unknown vulnerabilityNetwork Management SoftwareNot DefinedOfficial Fix0.020.00045CVE-2024-20906
01/16/20245.55.4Oracle Solaris Kernel denial of serviceOperating SystemNot DefinedOfficial Fix0.020.00043CVE-2024-20946
01/16/20247.57.3Oracle Fujitsu M10-1 XCP Firmware denial of serviceUnknownNot DefinedOfficial Fix0.020.00103CVE-2022-4450
01/16/20249.89.6Oracle Fujitsu M10-1 XCP Firmware out-of-bounds writeUnknownNot DefinedOfficial Fix0.040.00537CVE-2021-43527
01/16/20249.89.6Oracle Fujitsu M10-1 XCP Firmware sql injectionUnknownNot DefinedOfficial Fix0.080.01103CVE-2022-29155
01/16/20246.15.9Oracle Complex Maintenance, Repair, and Overhaul LOV unknown vulnerabilityUnknownNot DefinedOfficial Fix0.970.00052CVE-2024-20942
01/16/20246.66.5Oracle Agile PLM Security file accessProduct Lifecycle Management SoftwareNot DefinedOfficial Fix1.120.00045CVE-2023-2976
01/16/20247.37.0Oracle Agile Product Lifecycle Management for Process Installation Remote Code ExecutionUnknownNot DefinedOfficial Fix0.030.00046CVE-2024-20956
01/16/20247.57.3Oracle Agile PLM Security denial of serviceProduct Lifecycle Management SoftwareNot DefinedOfficial Fix1.080.00049CVE-2023-34624
01/16/20247.57.3Oracle Agile PLM Security denial of serviceProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.040.70585CVE-2023-44487
01/16/20248.88.4Oracle Agile PLM Export Privilege EscalationProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.060.00093CVE-2024-20953
01/16/20247.57.3Oracle Siebel CRM EAI /UI denial of serviceCustomer Relationship Management SystemNot DefinedOfficial Fix0.020.70585CVE-2023-44487
01/16/20247.57.2Oracle Siebel CRM EAI denial of serviceCustomer Relationship Management SystemNot DefinedOfficial Fix0.770.00053CVE-2023-1436
01/16/20244.54.5Oracle Retail Customer Management and Segmentation Foundation Internal Operations information disclosureUnknownNot DefinedOfficial Fix0.360.00044CVE-2023-35887
01/16/20246.26.1Oracle Retail Customer Management and Segmentation Foundation Internal Operations cross site scriptingUnknownNot DefinedOfficial Fix0.520.00311CVE-2021-41182
01/16/20246.15.8Oracle Retail Customer Management and Segmentation Foundation Internal Operations cross site scriptingUnknownNot DefinedOfficial Fix0.280.00707CVE-2020-26870
01/16/20247.57.3Oracle Retail EFTLink Install denial of serviceUnknownNot DefinedOfficial Fix0.000.70585CVE-2023-44487
01/16/20247.57.3Oracle Retail Customer Management and Segmentation Foundation Internal Operations denial of serviceUnknownNot DefinedOfficial Fix0.030.03975CVE-2023-24998
01/16/20249.89.6Oracle Retail Advanced Inventory Planning Operations/Maintenance out-of-bounds writeUnknownNot DefinedOfficial Fix0.900.03822CVE-2022-42920
01/16/20246.56.3Oracle PeopleSoft Enterprise PeopleTools Security information disclosureEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.650.00090CVE-2023-44483
01/16/20246.66.5Oracle PeopleSoft Enterprise PeopleTools Open Search/Elastic Search/File Processing file accessEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.920.00045CVE-2023-2976
01/16/20247.57.3Oracle PeopleSoft Enterprise PeopleTools Open Search/Elastic Search/Web Server denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.020.00049CVE-2023-5072
01/16/20247.57.3Oracle PeopleSoft Enterprise PeopleTools Open Search/Elastic Search denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.780.70585CVE-2023-44487
01/16/20244.44.2Oracle MySQL Server Options denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00044CVE-2024-20968
01/16/20244.44.2Oracle MySQL Server Firewall denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.040.00044CVE-2024-20984
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.040.00044CVE-2024-20982
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.160.00044CVE-2024-20978
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00044CVE-2024-20976
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00044CVE-2024-20974
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00044CVE-2024-20972
01/16/20244.94.8Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.360.00044CVE-2024-20971
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.020.00044CVE-2024-20970
01/16/20244.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000.00044CVE-2024-20966
01/16/20244.94.8Oracle MySQL Server DML denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.740.00044CVE-2024-20983
01/16/20244.94.8Oracle MySQL Server DDL denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.840.00044CVE-2024-20981
01/16/20244.94.8Oracle MySQL Cluster denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00053CVE-2024-20965
01/16/20245.35.1Oracle MySQL Server denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.040.00044CVE-2024-20964
01/16/20245.55.4Oracle MySQL Server Replication unknown vulnerabilityDatabase SoftwareNot DefinedOfficial Fix0.020.00044CVE-2024-20967
01/16/20245.55.4Oracle MySQL Server DDL unknown vulnerabilityDatabase SoftwareNot DefinedOfficial Fix0.020.00044CVE-2024-20969

9950 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!