Oracle Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Oracle MySQL Server930
Oracle Java SE392
Oracle VM VirtualBox315
Oracle PeopleSoft Enterprise PeopleTools283
Oracle E-Business Suite280

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix9811
Temporary Fix0
Workaround2
Unavailable0
Not Defined187

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High135
Functional1
Proof-of-Concept170
Unproven112
Not Defined9582

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical19
Local1146
Adjacent126
Network8709

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High1239
Low2280
None6481

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required2505
None7495

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤212
≤3105
≤4375
≤51191
≤61691
≤71826
≤82069
≤91434
≤101297

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤212
≤3155
≤4400
≤51187
≤62320
≤71604
≤82420
≤9742
≤101160

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤12
≤217
≤3116
≤4389
≤51205
≤61704
≤71850
≤81973
≤91399
≤101345

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤27
≤344
≤4248
≤5621
≤61060
≤71380
≤81467
≤91003
≤101179

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤21
≤328
≤431
≤5132
≤6158
≤7199
≤8216
≤9174
≤1025

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤12
≤211
≤347
≤4183
≤5540
≤6671
≤7804
≤8811
≤9753
≤10649

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k21
<2k82
<5k1215
<10k2867
<25k3983
<50k721
<100k705
≥100k406

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k5928
<2k1128
<5k1577
<10k341
<25k910
<50k116
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (905): 40G 10G 72 (1), 64 Ethernet Switch (1), ADF (3), API Gateway (16), Access Manager (19), Adaptive Access Manager (3), Advanced Collections (2), Advanced Inbound Telephony (2), Advanced Outbound Telephony (14), Advanced Pricing (1), Advanced Supply Chain Planning (3), Advanced Support Gateway (1), Agile Engineering Data Management (34), Agile Material (1), Agile PLM (96), Agile PLM Framework (2), Agile PLM MCAD Connector (5), Agile PLM for Process (1), Agile Product Lifecycle Management Integration Pack for E-Business Suite (2), Agile Product Lifecycle Management Integration Pack for SAP: Design to Release (1), Agile Product Lifecycle Management for Process (9), Agile Recipe Management for Pharmaceuticals (3), Airlines Data Model (1), Analytics (30), Application Express (3), Application Management Pack for E-Business Suite (2), Application Object Library (17), Application Performance Management (2), Application Performance Management (APM) (1), Application Server (4), Application Service Level Management (1), Application Session Controller (4), Application Testing Suite (35), Applications DBA (4), Applications Framework (20), Applications Manager (15), Applications Monitor (3), Applications Technology Stack (3), Approvals Management (1), ArchivistaBox (1), Argus Analytics (1), Argus Insight (1), Argus Mart (1), Argus Safety (10), Asset Management (3), Asset Management (v1) (1), AutoVue (8), AutoVue 3D Professional Advanced (1), AutoVue VueLink Integration (1), Automatic Service Request (10), Autonomous Health Framework (1), Autovue for Agile Product Lifecycle Management (7), BAM (Business Activity Monitoring) (3), BI Publisher (63), BI Publisher (formerly XML Publisher) (3), Back Office (1), Banking APIs (9), Banking Branch (1), Banking Cash Management (2), Banking Corporate Lending (22), Banking Corporate Lending Process Management (12), Banking Credit Facilities Process Management (12), Banking Deposits and Lines of Credit Servicing (4), Banking Digital Experience (12), Banking Electronic Data Exchange for Corporates (1), Banking Enterprise Collections (4), Banking Enterprise Default Management (15), Banking Enterprise Originations (4), Banking Enterprise Product Manufacturing (5), Banking Extensibility Workbench (6), Banking Liquidity Management (9), Banking Loans Servicing (4), Banking Origination (1), Banking Party Management (15), Banking Payments (31), Banking Platform (45), Banking Supply Chain Finance (11), Banking Trade Finance (13), Banking Trade Finance Process Management (9), Banking Treasury Management (9), Banking Virtual Account Management (11), Berkeley DB (53), Big Data Discovery (7), Big Data Graph (6), Big Data Spatial and Graph (5), Bill Presentment Architecture (1), Billing (6), Billing Analytics (1), Bills of Material (1), Blockchain Platform (15), Business Activity Monitoring (2), Business Activity Monitoring(BAM) (1), Business Intelligence Data Warehouse Administration Console (1), Business Intelligence Enterprise Edition (79), Business Process Management Suite (21), Business Transaction Management (2), CRM Gateway for Mobile Devices (3), CRM Technical Foundation (40), Cash Management (1), Category Management Planning (1), Clinical (2), CloudForms Management Engine (1), Cloud Infrastructure Data Science Notebook Sessions (1), Cloud Infrastructure Storage Gateway (4), Cloud Services (2), Cluster (1), Clusterware (4), Coherence (17), Collaboration (1), Collaborative Planning (2), Collateral Management (25), Commerce (2), Commerce Experience Manager (14), Commerce Guided Search (39), Commerce Merchandising (5), Commerce Platform (21), Commerce Service Center (3), Common Applications (8), Common Applications Calendar (10), Communications (23), Communications ASAP (5), Communications ASAP Cartridges (1), Communications Analytics (3), Communications Application Session Controller (17), Communications BRM (15), Communications BRM - Elastic Charging Engine (11), Communications BRM Elastic Charging Engine (4), Communications Billing (3), Communications Billing and Revenue Management (34), Communications Calendar Server (7), Communications Cloud Native Core Automated Test Suite (13), Communications Cloud Native Core Binding Support Function (42), Communications Cloud Native Core Console (28), Communications Cloud Native Core Network Data Analytics Function (1), Communications Cloud Native Core Network Exposure Function (12), Communications Cloud Native Core Network Function Cloud Native Environment (32), Communications Cloud Native Core Network Repository Function (20), Communications Cloud Native Core Network Slice Selection Function (16), Communications Cloud Native Core Policy (66), Communications Cloud Native Core Security Edge Protection Proxy (29), Communications Cloud Native Core Service Communication Proxy (17), Communications Cloud Native Core Unified Data Repository (33), Communications Contacts Server (8), Communications Control Plane Monitor (1), Communications Converged Application Server (7), Communications Converged Application Server-Service Controller (1), Communications Converged Application Server - Service Controller (1), Communications Converged Application Server Service Controller (1), Communications Convergence (11), Communications Convergent Charging Controller (5), Communications Core Session Manager (2), Communications Data Model (2), Communications Design Studio (15), Communications Diameter Intelligence Hub (11), Communications Diameter Signaling Router (63), Communications Diameter Signaling Router (DSR) (5), Communications EAGLE Application Processor (6), Communications EAGLE Element Management System (1), Communications EAGLE FTP Table Base Retrieval (3), Communications EAGLE LNP Application Processor (7), Communications EAGLE Software (3), Communications Elastic Charging Engine (5), Communications Element Manager (34), Communications Evolved Communications Application Server (8), Communications Fraud Monitor (1), Communications IP Service Activator (4), Communications Instant Messaging Server (20), Communications Interactive Session Recorder (15), Communications LSMS (8), Communications Messaging Server (34), Communications MetaSolv Solution (12), Communications Network Charging (6), Communications Network Charging and Control (7), Communications Network Integrity (16), Communications Network Intelligence (1), Communications Offline Mediation Controller (12), Communications Online Mediation Controller (1), Communications Operations Monitor (29), Communications Order (4), Communications Order and Service Management (6), Communications Performance Intelligence Center (PIC) Software (8), Communications Performance Intelligence Center Software (8), Communications Policy Management (47), Communications Pricing Design Center (26), Communications Security Gateway (2), Communications Service Broker (4), Communications Service Broker Engineered System Edition (2), Communications Services Gatekeeper (20), Communications Session Border Controller (27), Communications Session Report Manager (35), Communications Session Route Manager (34), Communications Session Router (5), Communications Subscriber-Aware Load Balancer (3), Communications Tekelec HLR Router (1), Communications Unified Assurance (15), Communications Unified Inventory Management (34), Communications Unified Session Manager (7), Communications User Data Repository (17), Communications WebRTC Session Controller (27), Compensation Workbench (1), Complex Maintenance (1), Complex Maintenance, Repair, and Overhaul (3), Concurrent Processing (1), Configuration (1), Configuration Manager (5), Configurator (10), Construction (10), Construction and Engineering (3), Content Manager (3), Control (6), Converged Application Server (1), Converged Application Server - Service Controller (1), Converged Commerce (1), Convergence (2), Crystal Ball (1), Customer Interaction History (7), Customer Management (6), Customers Online (1), Data Integrator (31), Data Masking (1), Data Visualization Desktop (1), Database (81), Database Enterprise Edition (1), Database Enterprise Edition RDBMS Security (1), Database Enterprise Edition Recovery (1), Database Enterprise Edition Sharding (1), Database Lite Server (1), Database Mobile Server (1), Database Server (150), Deal Management (1), Demand Planning (2), Demantra Demand Management (7), Deployment (4), Depot Repair (10), Diagnostic Assistant (2), Diameter Signaling Router (DSR) (3), Directory Server Enterprise Edition (5), Discoverer (2), Discovery (5), Documaker (13), Documaker Enterprise Edition (3), Document Management (1), Document Management and Collaboration (2), E-Business (6), E-Business Intelligence (6), E-Business Suite (280), E-Business Suite Cloud Manager and Cloud Backup Module (1), E-Business Suite Information Discovery (2), E-Business Suite Secure Enterprise Search (2), E-Business Suite Technology Stack (1), E-Business Suite´┐Ż (7), E-Business Tax (1), E-Records (1), EAGLE (Software) (1), Email Center (21), Endeca Information Discovery Integrator (14), Endeca Information Discovery Studio (16), Endeca Server (10), Engineering (2), Engineering Data Management (1), Engineering Suite (10), Enterprise Asset Management (2), Enterprise Command Center Framework (1), Enterprise Communications Broker (23), Enterprise Data Quality (13), Enterprise Manager (51), Enterprise Manager Base Platform (100), Enterprise Manager Grid Control (3), Enterprise Manager Ops Center (65), Enterprise Manager for Database (6), Enterprise Manager for Exadata (1), Enterprise Manager for Fusion Applications (1), Enterprise Manager for Fusion Middleware (9), Enterprise Manager for MySQL Database (5), Enterprise Manager for Peoplesoft (3), Enterprise Manager for Storage Management (2), Enterprise Manager for Virtualization (7), Enterprise Operations Monitor (3), Enterprise Repository (26), Enterprise Session Border Controller (23), Enterprise Telephony Fraud Monitor (1), Equipment Management for Pharmaceuticals (1), Essbase (18), Essbase Analytic Provider Services (3), Ethernet Switch ES1-24 (1), Ethernet Switch ES2-64 (2), Ethernet Switch ES2-72 (2), Ethernet Switch TOR-72 (1), Exalogic Infrastructure (7), Experience Manager (1), Explorer (1), FLEXCUBE Core Banking (16), FLEXCUBE Direct Banking (18), FLEXCUBE Enterprise Limits (25), FLEXCUBE Investor Servicing (44), FLEXCUBE Private Banking (73), FLEXCUBE Universal Banking (91), FMW Platform (3), Field Service (5), Financial Services - Regulatory Reporting for Reserve Bank of India - Lombard Risk Integration Pack (1), Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack (1), Financial Services Analytical Applications Infrastructure (65), Financial Services Analytical Applications Reconciliation Framework (3), Financial Services Asset Liability Management (8), Financial Services Balance Sheet Planning (4), Financial Services Basel Regulatory Capital Basic (5), Financial Services Basel Regulatory Capital Internal Ratings Based Approach (5), Financial Services Behavior Detection Platform (11), Financial Services Compliance Regulatory Reporting (1), Financial Services Crime and Compliance Investigation Hub (1), Financial Services Crime and Compliance Management Studio (23), Financial Services Data Foundation (4), Financial Services Data Governance for US Regulatory Reporting (1), Financial Services Data Integration Hub (5), Financial Services Deposit Insurance Calculations for Liquidity Risk Management (1), Financial Services Enterprise Case Management (9), Financial Services Enterprise Financial Performance Analytics (2), Financial Services Foreign Account Tax Compliance Act Management (1), Financial Services Funds Transfer Pricing (11), Financial Services Hedge Management (8), Financial Services Hedge Management and IFRS Valuations (1), Financial Services Institutional Performance Analytics (6), Financial Services Lending (4), Financial Services Liquidity Risk Management (8), Financial Services Liquidity Risk Measurement (2), Financial Services Liquidity Risk Measurement and Management (1), Financial Services Loan Loss Forecasting (8), Financial Services Loan Loss Forecasting and Provisioning (1), Financial Services Market Risk (2), Financial Services Market Risk Measurement (7), Financial Services Market Risk Measurement and Management (4), Financial Services Model Management and Governance (11), Financial Services Price Creation (5), Financial Services Price Creation and Discovery (3), Financial Services Pricing Management (1), Financial Services Profitability Management (10), Financial Services Reconciliation Framework (2), Financial Services Regulatory Reporting for De Nederlandsche Bank (1), Financial Services Regulatory Reporting for European Banking Authority (2), Financial Services Regulatory Reporting for European Banking Authority - Integration Pack for Lombard Risk (1), Financial Services Regulatory Reporting for US Federal Reserve (2), Financial Services Regulatory Reporting with AgileREPORTER (3), Financial Services Retail Customer Analytics (5), Financial Services Retail Performance Analytics (2), Financial Services Revenue Management (4), Financial Services Revenue Management and Billing (3), Financial Services Revenue Management and Billing Analytics (2), Financial Services Trade-Based Anti Money Laundering Enterprise Edition (5), Financials Common Modules (1), Forms (1), Fuel POS Software (7), Fujitsu M10-1 (21), Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers (4), Fujitsu M10-4 (18), Fujitsu M10-4S (18), Fujitsu M12-1 (17), Fujitsu M12-2 (17), Fujitsu M12-2S (9), Fujitsu M12-2S Servers (8), Fujitsu M Server (2), Fulfillment Manager (1), Fusion Middleware (54), Fusion Middleware MapViewer (22), General Ledger (4), GlassFish Open Source Edition (1), GlassFish Server (26), GlassFish Server Open Source Edition (3), Global Lifecycle Management (2), Global Lifecycle Management NextGen OUI Framework (7), Global Lifecycle Management OPatch (3), Global Lifecycle Management OPatchAuto (1), Global Order Promising (1), GoldenGate (17), GoldenGate Application Adapter (2), GoldenGate Application Adapters (9), GoldenGate Big Data (1), GoldenGate Monitor (1), GoldenGate Stream Analytics (4), GoldenGate Veridata (1), GoldenGate for Big Data (1), Goldengate (1), GraalVM Enterprise Edition (34), Graph Server and Client (4), HCM Common Architecture (1), HRMS (France) (1), HTTP Server (47), Hardware Management Pack (2), Health Sciences Argus Safety (1), Health Sciences Central Coding (1), Health Sciences Clinical Development Analytics (1), Health Sciences Clinical Development Center (2), Health Sciences Data Management Workbench (7), Health Sciences Empirica Inspections (3), Health Sciences Empirica Signal (8), Health Sciences InForm (2), Health Sciences InForm CRF Submit (1), Health Sciences InForm Publisher (1), Health Sciences Information Manager (9), Healthcare Analytics Data Integration (1), Healthcare Data Repository (13), Healthcare Foundation (10), Healthcare Master Person Index (11), Healthcare Translational Research (9), Helidon (3), Help Technologies (1), Hospitality 9700 (2), Hospitality Cruise AffairWhere (2), Hospitality Cruise Dining Room Management (4), Hospitality Cruise Fleet Management (14), Hospitality Cruise Fleet Management System (5), Hospitality Cruise Materials Management (4), Hospitality Cruise Shipboard Property Management System (18), Hospitality Gift (4), Hospitality Gift and Loyalty (1), Hospitality Guest Access (27), Hospitality Hotel Mobile (6), Hospitality Inventory Management (5), Hospitality Labor Management (2), Hospitality Materials Control (6), Hospitality OPERA 5 (10), Hospitality OPERA 5 Property Services (18), Hospitality Property Interfaces (2), Hospitality RES 3700 (5), Hospitality Reporting (30), Hospitality Reporting and Analytics (8), Hospitality Simphony (29), Hospitality Simphony First Edition (5), Hospitality Simphony First Edition Venue Management (1), Hospitality Suite (1), Hospitality Suite8 (23), Hospitality Suites Management (2), Hospitality Token Proxy Service (3), Hospitality WebSuite8 Cloud Service (3), Hospitality e7 (3), Human Resources (8), Hyperion (11), Hyperion Analytic Provider Services (2), Hyperion BI+ (11), Hyperion Calculation Manager (1), Hyperion Data Relationship Management (6), Hyperion Enterprise Performance Management Architect (3), Hyperion Essbase (4), Hyperion Essbase Administration Services (2), Hyperion Financial Close Management (3), Hyperion Financial Management (5), Hyperion Financial Reporting (10), Hyperion Infrastructure Technology (20), Hyperion Lifecycle Management (2), Hyperion Planning (7), Hyperion Profitability and Cost Management (1), Hyperion Smart View for Office (1), Hyperion Tax Provision (1), Hyperion Workspace (1), IFRS Valuations (8), ILOM (13), Identity Analytics (3), Identity Federation (2), Identity Management Suite (4), Identity Manager (13), Identity Manager Connector (8), In-Memory Performance-Driven Planning (1), In-Memory Policy Analytics (1), Incentive Compensation (2), Industry (1), Installed Base (6), Instant Messaging Server (2), Instantis EnterpriseTrack (31), Insurance Accounting Analyzer (4), Insurance Allocation Manager for Enterprise Profitability (4), Insurance Calculation Engine (10), Insurance Data Foundation (3), Insurance Data Gateway (4), Insurance IFRS 17 Analyzer (2), Insurance IStream (1), Insurance Insbridge Rating (1), Insurance Insbridge Rating and Underwriting (7), Insurance Istream (1), Insurance Performance Insight (2), Insurance Policy Administration (15), Insurance Policy Administration J2EE (14), Insurance Rules Palette (16), Integrated Lights Out Manager (9), Integrated Lights Out Manager (ILOM) (4), Interaction Blending (1), Interaction Center Intelligence (2), Interactive Session Recorder (2), Internet Directory (4), Internet Expenses (4), JD Edwards (8), JD Edwards EnterpriseOne Orchestrator (18), JD Edwards EnterpriseOne Technology (1), JD Edwards EnterpriseOne Tools (96), JD Edwards World Security (11), JD Edwards World Technical Foundation (1), JDeveloper (18), JDeveloper and ADF (1), Java Advanced Management Console (6), Java ME SDK (1), Java SE (392), Java VM (1), Knowledge (18), Knowledge Management (9), Labor Distribution (1), Landed Cost Management (1), Leads Management (1), Learning Management (2), Lease and Finance Management (1), Leasing (4), Legal Entity Configurator (1), Life Sciences Data Hub (2), Linux (1), Linux UEK (1), Load (2), Loans (1), Loyalty (4), M7 (1), M10-1 (2), M10-4 (5), M10-4S (2), M10-4S Servers (3), M12-1 (2), M12-2 (2), M12-2S (2), M3000 (1), M4000 (6), M5000 (6), M8000 (6), M9000 (5), M9000 Servers (1), MES for Process Manufacturing (1), MICROS 700 Series Tablet (2), MICROS BellaVita (1), MICROS Compact Workstation 3 (1), MICROS ES400 Series (1), MICROS Handheld Terminal (4), MICROS Kitchen Display Controller (1), MICROS Kitchen Display System Hardware (1), MICROS Lucas (6), MICROS PC Workstation 2015 (3), MICROS Relate CRM Software (10), MICROS Retail-J (7), MICROS Retail XBRi Loss Prevention (9), MICROS Workstation 5A (1), MICROS Workstation 6 (5), MICROS Workstation 650 (2), MICROS XBR (3), MICROS XBRi (1), MICROS Xstore Payment (1), Managed File Transfer (13), Management (9), Management Cloud Engine (5), Management Pack for GoldenGate (4), MapViewer (1), Marketing (40), Marketing Encyclopedia System (1), Messaging Server (1), Middleware Common Libraries and Tools (17), Mobile Field Service (4), Mobile Security Suite (2), MySQL (6), MySQL Client (12), MySQL Cluster (80), MySQL Connector (1), MySQL Connectors (38), MySQL Enterprise Backup (6), MySQL Enterprise Monitor (69), MySQL Installer (1), MySQL Server (930), MySQL Shell (5), MySQL Shell for VS Code (1), MySQL Utilities (1), MySQL Workbench (33), NetBeans (1), NetSuite (2), NoSQL Database (6), OPatch (1), OSS Support Tools (26), OSS Support Tools Explorer (1), One-to-One Fulfillment (25), Online Mediation Controller (2), OpenGrok (1), OpenSSO (5), Operational Analytics (2), Operations Intelligence (1), Optimization (2), Order Management (1), Outside In Technology (198), Overhaul (1), Partner Management (10), Payables (2), Payment Interface (2), PeopleSoft (20), PeopleSoft Enterprise CC Common Application Objects (4), PeopleSoft Enterprise CS Academic Advisement (3), PeopleSoft Enterprise CS Campus Community (6), PeopleSoft Enterprise CS Financial Aid (1), PeopleSoft Enterprise CS SA Integration Pack (2), PeopleSoft Enterprise CS Student Records (1), PeopleSoft Enterprise Common Components (1), PeopleSoft Enterprise ELM (1), PeopleSoft Enterprise ELM Enterprise Learning Management (1), PeopleSoft Enterprise FIN Cash Management (1), PeopleSoft Enterprise FIN Common Application Objects (1), PeopleSoft Enterprise FIN Expenses (4), PeopleSoft Enterprise FIN Install (2), PeopleSoft Enterprise FIN Payables (1), PeopleSoft Enterprise FIN Project Costing (1), PeopleSoft Enterprise FIN Receivables (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Argentina (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Brazil (1), PeopleSoft Enterprise FSCM (10), PeopleSoft Enterprise HCM (12), PeopleSoft Enterprise HCM Absence Management (1), PeopleSoft Enterprise HCM Candidate Gateway (1), PeopleSoft Enterprise HCM Global Payroll Core (1), PeopleSoft Enterprise HCM Global Payroll Switzerland (1), PeopleSoft Enterprise HCM Human Resources (8), PeopleSoft Enterprise HCM Shared Components (2), PeopleSoft Enterprise HCM Talent Acquisition Manager (1), PeopleSoft Enterprise HCM Talent Acquistion Managment (1), PeopleSoft Enterprise HCM ePerformance (1), PeopleSoft Enterprise HCM eProfile Manager Desktop (1), PeopleSoft Enterprise HRMS (4), PeopleSoft Enterprise Interaction Hub (1), PeopleSoft Enterprise PRTL Interaction Hub (16), PeopleSoft Enterprise PT PeopleTools (17), PeopleSoft Enterprise PeopleTools (283), PeopleSoft Enterprise Portal Interaction Hub (1), PeopleSoft Enterprise SCM (2), PeopleSoft Enterprise SCM Purchasing (5), PeopleSoft Enterprise SCM Service Procurement (1), PeopleSoft Enterprise SCM Services Procurement (1), PeopleSoft Enterprise SCM Strategic Sourcing (2), PeopleSoft Enterprise SCM eBill Payment (1), PeopleSoft Enterprise SCM eProcurement (6), PeopleSoft Enterprise SCM eSupplier Connection (2), PeopleSoft HRMS (1), PeopleSoft PeopleTools (1), PeopleSoft Products (1), Performance Management (1), Pillar Axiom (1), Platform Security for Java (3), Policy Automation (10), Policy Automation Connector for Siebel (6), Policy Automation for Mobile Devices (6), Portal (1), Primavera Analytics (2), Primavera Contract Management (2), Primavera Data Warehouse (1), Primavera Gateway (41), Primavera P6 Enterprise Project Portfolio Management (56), Primavera P6 Professional Project Management (2), Primavera Portfolio Management (13), Primavera Unifier (69), Product Hub (1), Product Lifecycle Analytics (9), Project Contracts (1), Project Costing (1), Projects (1), Provisioning (8), Public Sector Financials International (1), Purchasing (1), Quoting (2), REST Data Services (13), Rapid Planning (17), Real-Time Decision Server (6), Real-Time Decisions (RTD) Solutions (2), Real-Time Scheduler (3), Real User Experience Insight (5), Receivables (1), Repair (1), Reports Developer (3), Retail (10), Retail Advanced Inventory Planning (9), Retail Advanced Science Engine (1), Retail Allocation (6), Retail Analytic Parameter Calculator - RO (2), Retail Analytics (2), Retail Assortment Planning (21), Retail Back Office (25), Retail Bulk Data Integration (10), Retail Category Management (1), Retail Category Management Planning (1), Retail Category Management Planning & Optimization (1), Retail Central (1), Retail Central Office (23), Retail Clearance Optimization Engine (9), Retail Convenience (7), Retail Convenience Store Back Office (1), Retail Customer Engagement (3), Retail Customer Insights (14), Retail Customer Management (18), Retail Customer Management and Segmentation Foundation (21), Retail Data Extractor for Merchandising (3), Retail Demand Forecasting (1), Retail EFTLink (10), Retail Extract Transform (2), Retail Extract Transform and Load (5), Retail Financial Integration (18), Retail Fiscal Management (4), Retail Fusion Platform (1), Retail Insights (2), Retail Insights Cloud Service Suite (1), Retail Integration Bus (34), Retail Invoice Matching (14), Retail Item Planning (3), Retail MICROS ARS POS (1), Retail MICROS C2 (1), Retail Macro Space Optimization (3), Retail Markdown Optimization (4), Retail Merchandise Financial Planning (3), Retail Merchandising Insights (2), Retail Merchandising System (26), Retail Open Commerce Platform (10), Retail Order Broker (45), Retail Order Broker Cloud Service (1), Retail Order Management System (5), Retail Order Management System Cloud Service (1), Retail Point-of-Sale (1), Retail Point-of-Service (17), Retail Point Of Service (1), Retail Predictive Application Server (24), Retail Price Management (6), Retail Pricing (1), Retail Regular Price Optimization (3), Retail Replenishment Optimization (3), Retail Returns Management (22), Retail Returns Management: (1), Retail Sales Audit (10), Retail Service Backbone (29), Retail Service Layer (1), Retail Size Profile Optimization (4), Retail Store Inventory (1), Retail Store Inventory Management (14), Retail Warehouse Management System (2), Retail Workforce Management (2), Retail Workforce Management Software (2), Retail XBRi Loss Prevention (1), Retail Xstore Office (4), Retail Xstore Office Cloud Service (1), Retail Xstore Payment (4), Retail Xstore Point of Service (59), Returns Management (1), Revenue Management (6), Right Now Service Cloud (1), S7 (1), SD-WAN Aware (5), SD-WAN Edge (15), SOA Suite (11), SPARC Enterprise M3000 (6), SPARC Enterprise M4000 (1), SPARC Enterprise M5000 (1), SPARC Enterprise M8000 (1), SPARC Enterprise M9000 (1), SPARC Enterprise M Server (1), SPARC Enterprise Server (5), SQL Developer (3), SQL Trace Analyzer (1), SQLcl (1), SYNEL (1), Sales Offline (4), Sales for Handhelds (1), Scripting (5), Secure Backup (10), Secure Enterprise Search (1), Secure Global Desktop (44), Security Service (9), Segmentation Foundation (24), Self-Service Human Resources (1), Service Architecture Leveraging Tuxedo (1), Service Bus (6), Service Contracts (2), Service Fulfillment Manager (1), Service Intelligence (1), Service Management (4), Services Tools Bundle (2), Shipping Execution (1), Siebel (10), Siebel Apps (3), Siebel Apps - Marketing (5), Siebel Apps-Marketing (3), Siebel Apps Field Service (1), Siebel CRM (29), Siebel CRM Desktop (2), Siebel Core (12), Siebel Core-Automation (1), Siebel Core - Automation (1), Siebel Core-Common Components (2), Siebel Core - Common Components (1), Siebel Core - DB Deployment (1), Siebel Core-DB Deployment and Configuration (1), Siebel Core - Server BizLogic Script (1), Siebel Core - Server Framework (3), Siebel Core CRM (1), Siebel Engineering (2), Siebel Engineering - Installer (3), Siebel Engineering-Installer & Deployment (1), Siebel Engineering-Rel Eng (1), Siebel Engineering Installer (1), Siebel Industry-Life Sciences (1), Siebel Life Sciences (1), Siebel Mobile App (1), Siebel Mobile Applications (1), Siebel Public Sector (1), Siebel UI Framework (45), Site Hub (1), Social Network (1), Solaris (222), Solaris Cluster (23), Sourcing (2), Spatial Studio (4), Spatial and Graph (1), Storage Cloud Software Appliance (2), StorageTek ACSLS (6), StorageTek Tape Analytics (2), StorageTek Tape Analytics SW Tool (12), Stream Analytics (3), Subledger Accounting (1), Subsetting (1), Sun Blade 6000 Ethernet Switched NEM 24P 10GE (2), Sun Data Center InfiniBand Switch 36 (2), Sun Network 10GE Switch 72p (2), Sun Network QDR InfiniBand Gateway Switch (2), Sun Ray Operating Software (1), Sun Ray Software (2), Sun Storage Common Array Manager (1), Sun Systems Products Suite (4), Sun ZFS Storage Appliance Kit (18), Sun ZFS Storage Appliance Kit (AK) (12), Sun ZFS Storage Appliance Kit AK (4), SuperCluster Specific Software (2), Supply Chain (6), Supply Chain Products Suite (7), Switch ES1-24 (2), System Utilities (1), T7 (1), Talent Acquisition Cloud (1), Taleo Platform (1), Tape Library ACSLS (9), Tape Virtual Storage Manager GUI (1), Tekelec HLR Router (1), Tekelec Platform Distribution (5), Tekelec Virtual Operating Environment (1), Territory Management (1), Thesaurus Management System (1), Time and Labor (4), TimesTen In-Memory Database (12), TopLink (1), Trace File Analyzer (1), Trade Management (24), Traffic Director (3), Transfer Pricing Component (1), Transportation Execution (1), Transportation Management (48), Transportation Manager (1), Tuxedo (11), Tuxedo System (3), Underwriting (1), Unified (2), Unified Directory (2), Universal Work Queue (8), User Management (2), Utilities Advanced Spatial (2), Utilities Customer Self Service (1), Utilities Framework (35), Utilities Mobile Workforce Management (2), Utilities Network Management System (11), Utilities Testing Accelerator (15), Utilities Work (4), VM Server (2), VM Server for SPARC (2), VM VirtualBox (315), Virtual Desktop Infrastructure (3), Virtual Directory (3), Virtualization VirtualBox (1), Web Analytics (2), Web Applications Desktop Integrator (8), Web Cache (4), WebCenter Content (11), WebCenter Interaction (7), WebCenter Interaction Portal (1), WebCenter Portal (54), WebCenter Sites (61), WebCenter Sites Support Tools (1), WebLogic Portal (2), WebLogic Server (263), WebLogic Server Proxy Plug-In (2), Web Services (2), Web Services Manager (2), Weblogic Server Proxy Plug-in (1), Workflow (5), Work in Process (2), X86 Servers (1), XML Gateway (1), ZFS Storage Appliance Kit (14), ZFS Storage Application Integration Engineering Software (1), iLearning (11), iPlanet Web Proxy Server (3), iPlanet Web Server (7), iReceivables (1), iRecruitment (1), iSetup (2), iStore (35), iSupplier Portal (4), iSupport (19)

Link to Vendor Website: https://www.oracle.com

PublishedBaseTempVulnerabilityProdExpRemCTIEPSSCVE
01/17/20233.83.7Oracle VM VirtualBox information disclosureVirtualization SoftwareNot DefinedOfficial Fix0.070.00885CVE-2023-21889
01/17/20233.83.7Oracle VM VirtualBox information disclosureVirtualization SoftwareNot DefinedOfficial Fix0.060.00885CVE-2023-21885
01/17/20234.44.2Oracle VM VirtualBox denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.000.00885CVE-2023-21884
01/17/20235.55.3Oracle VM VirtualBox denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.060.00885CVE-2023-21899
01/17/20235.55.3Oracle VM VirtualBox denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.100.00885CVE-2023-21898
01/17/20238.17.7Oracle VM VirtualBox Remote Code ExecutionVirtualization SoftwareNot DefinedOfficial Fix0.030.00885CVE-2023-21886
01/17/20234.84.6Oracle Utilities Network Management System System Wide unknown vulnerabilityUnknownNot DefinedOfficial Fix0.070.44262CVE-2021-29425
01/17/20235.95.7Oracle Utilities Network Management System System Wide denial of serviceUnknownNot DefinedOfficial Fix0.090.44262CVE-2021-45105
01/17/20236.56.2Oracle Utilities Network Management System System Wide unknown vulnerabilityUnknownNot DefinedOfficial Fix0.050.01108CVE-2021-43797
01/17/20237.57.2Oracle Utilities Network Management System Installation unknown vulnerabilityUnknownNot DefinedOfficial Fix0.040.05242CVE-2020-11979
01/17/20237.57.2Oracle Utilities Framework General denial of serviceUnknownNot DefinedOfficial Fix0.070.01108CVE-2022-42003
01/17/20239.89.4Oracle Utilities Network Management System Content Acquisition System Remote Code ExecutionUnknownNot DefinedOfficial Fix0.030.02686CVE-2020-10683
01/17/20239.89.4Oracle Utilities Framework General Remote Code ExecutionUnknownNot DefinedOfficial Fix0.000.48334CVE-2022-42889
01/17/20234.03.8Oracle Solaris NSSwitch unknown vulnerabilityOperating SystemNot DefinedOfficial Fix0.110.00885CVE-2023-21900
01/17/20239.89.4Oracle Fujitsu M10-1 XCP Firmware Remote Code ExecutionUnknownNot DefinedOfficial Fix0.060.02398CVE-2022-23219
01/17/20236.56.2Oracle OSS Support Tools Services Tools Bundle information disclosureUnknownNot DefinedOfficial Fix0.070.01246CVE-2021-37533
01/17/20236.56.2Oracle OSS Support Tools RDA - Remote Diagnostic Agent information disclosureUnknownNot DefinedOfficial Fix0.070.01246CVE-2021-37533
01/17/20236.56.2Oracle OSS Support Tools Diagnostic Assistant information disclosureUnknownNot DefinedOfficial Fix0.030.01246CVE-2021-37533
01/17/20239.89.4Oracle OSS Support Tools Services Tools Bundle Remote Code ExecutionUnknownNot DefinedOfficial Fix0.030.00885CVE-2022-45047
01/17/20239.89.4Oracle OSS Support Tools RDA - Remote Diagnostic Agent Remote Code ExecutionUnknownNot DefinedOfficial Fix0.030.00885CVE-2022-45047
01/17/20239.89.4Oracle OSS Support Tools Diagnostic Assistant Remote Code ExecutionUnknownNot DefinedOfficial Fix0.110.00885CVE-2022-45047
01/17/20235.35.1Oracle AutoVue Security denial of serviceUnknownNot DefinedOfficial Fix0.040.02686CVE-2019-7317
01/17/20235.55.3Oracle AutoVue Installation information disclosureUnknownNot DefinedOfficial Fix0.030.03052CVE-2019-12415
01/17/20236.66.3Oracle Demantra Demand Management Security Privilege EscalationUnknownNot DefinedOfficial Fix0.080.68637CVE-2021-44832
01/17/20237.57.2Oracle Demantra Demand Management E-Business Collections unknown vulnerabilityUnknownNot DefinedOfficial Fix0.030.00885CVE-2023-21850
01/17/20237.57.2Oracle Agile PLM Security denial of serviceProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.040.00954CVE-2022-24839
01/17/20237.57.2Oracle Agile PLM Security unknown vulnerabilityProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.030.00885CVE-2022-42252
01/17/20237.57.2Oracle Agile PLM Application Server unknown vulnerabilityProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.000.44262CVE-2022-34169
01/17/20237.87.5Oracle AutoVue Security Local Privilege EscalationUnknownNot DefinedOfficial Fix0.160.01018CVE-2020-27844
01/17/20236.66.3Oracle Siebel Apps - Marketing Privilege EscalationMarketing SoftwareNot DefinedOfficial Fix0.040.68637CVE-2021-44832
01/17/20239.89.4Oracle Siebel CRM Siebel Core - Server Infrastructure Remote Code ExecutionCustomer Relationship Management SystemNot DefinedOfficial Fix0.030.53745CVE-2022-2274
01/17/20237.57.2Oracle Retail Service Backbone Installation denial of serviceUnknownNot DefinedOfficial Fix0.120.01108CVE-2022-42003
01/17/20235.35.1Oracle PeopleSoft Enterprise CS Academic Advisement Advising Notes information disclosureEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.070.00885CVE-2023-21831
01/17/20235.45.2Oracle PeopleSoft Enterprise PeopleTools Panel Processor unknown vulnerabilityEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.030.00885CVE-2023-21845
01/17/20235.45.2Oracle PeopleSoft Enterprise PeopleTools Elastic Search unknown vulnerabilityEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.050.00885CVE-2023-21844
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools Security denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.030.01018CVE-2022-40149
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools Porting denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.080.02686CVE-2020-10735
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools File Processing unknown vulnerabilityEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.050.01018CVE-2022-27782
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools Elastic Search denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.050.01108CVE-2022-42003
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools Elastic Search denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.030.01537CVE-2022-31129
01/17/20237.57.2Oracle PeopleSoft Enterprise PeopleTools Cloud Manager denial of serviceEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.160.01018CVE-2022-25857
01/17/20239.89.4Oracle PeopleSoft Enterprise PeopleTools PeopleSoft CDA Remote Code ExecutionEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.140.24563CVE-2022-37434
01/17/20239.89.4Oracle PeopleSoft Enterprise PeopleTools Elastic Search Remote Code ExecutionEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.000.00954CVE-2021-3918
01/17/20239.89.4Oracle PeopleSoft Enterprise CC Common Application Objects Chatbot Framework Remote Code ExecutionEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.030.00954CVE-2021-3918
01/17/20232.72.6Oracle MySQL Server Thread Pooling denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00885CVE-2023-21874
01/17/20232.72.6Oracle MySQL Server Optimizer unknown vulnerabilityDatabase SoftwareNot DefinedOfficial Fix0.000.00885CVE-2023-21882
01/17/20234.94.7Oracle MySQL Server PS denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.070.00885CVE-2023-21840
01/17/20234.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00885CVE-2023-21883
01/17/20234.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.030.00885CVE-2023-21881
01/17/20234.94.7Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.060.00885CVE-2023-21879

9950 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!