Oracle Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Oracle MySQL Server874
Oracle VM VirtualBox311
Oracle WebLogic Server293
Oracle Java SE290
Oracle PeopleSoft Enterprise PeopleTools264

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix9968
Temporary Fix0
Workaround0
Unavailable0
Not Defined32

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High226
Functional0
Proof-of-Concept270
Unproven0
Not Defined9504

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical16
Local1063
Adjacent128
Network8793

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High1344
Low2186
None6470

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required2492
None7508

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤212
≤3109
≤4327
≤51117
≤61399
≤72095
≤82346
≤91279
≤101316

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤212
≤3134
≤4325
≤51115
≤62081
≤71659
≤82635
≤9841
≤101198

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤12
≤217
≤3126
≤4342
≤51120
≤61413
≤71933
≤82461
≤91220
≤101366

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤26
≤336
≤4200
≤5568
≤61006
≤71472
≤82015
≤9792
≤101361

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤24
≤385
≤4111
≤5449
≤6492
≤7496
≤8577
≤9395
≤10148

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤12
≤211
≤344
≤4153
≤5491
≤6612
≤7731
≤8745
≤9630
≤10593

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k15
<2k63
<5k815
<10k2721
<25k4793
<50k418
<100k993
≥100k182

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k7208
<2k656
<5k899
<10k163
<25k925
<50k149
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (856): ADF (3), API Gateway (13), Access Manager (24), Adaptive Access Manager (3), Advanced Collections (1), Advanced Inbound Telephony (1), Advanced Outbound Telephony (13), Advanced Pricing (2), Advanced Supply Chain Planning (2), Advanced Support Gateway (1), Agile Engineering Data Management (31), Agile Material (1), Agile PLM (68), Agile PLM Framework (3), Agile PLM MCAD Connector (5), Agile Product Lifecycle Management Integration Pack for E-Business Suite (2), Agile Product Lifecycle Management Integration Pack for SAP: Design to Release (1), Agile Product Lifecycle Management for Process (11), Agile Recipe Management for Pharmaceuticals (3), Airlines Data Model (1), Analytics (30), Analytics Desktop (1), Application Express (3), Application Express Administration (1), Application Express Customers Plugin (1), Application Express Team Calendar Plugin (1), Application Management Pack for E-Business Suite (2), Application Management Pack for Utilities & Enterprise Taxation (1), Application Object Library (16), Application Performance Management (2), Application Performance Management (APM) (1), Application Server (4), Application Service Level Management (1), Application Session Controller (4), Application Testing Suite (41), Applications DBA (3), Applications Framework (20), Applications Manager (13), Applications Monitor (3), Applications Technology (1), Applications Technology Stack (2), Approvals Management (1), ArchivistaBox (1), Argus Analytics (1), Argus Insight (2), Argus Mart (1), Argus Safety (11), Asset Management (1), Asset Management (v1) (1), Audit Vault and Database Firewall (5), AutoVue (12), AutoVue 3D Professional Advanced (1), AutoVue VueLink Integration (1), Automatic Service Request (10), Autonomous Health Framework (1), Autovue for Agile Product Lifecycle Management (8), BAM (2), BAM (Business Activity Monitoring) (3), BI Publisher (73), BI Publisher (formerly XML Publisher) (3), Banking APIs (23), Banking Branch (15), Banking Cash Management (25), Banking Collections and Recovery (1), Banking Corporate Lending (31), Banking Corporate Lending Process Management (32), Banking Credit Facilities Process Management (34), Banking Deposits and Lines of Credit Servicing (10), Banking Digital Experience (34), Banking Electronic Data Exchange for Corporates (8), Banking Enterprise Collections (4), Banking Enterprise Default Management (16), Banking Enterprise Originations (4), Banking Enterprise Product Manufacturing (5), Banking Extensibility Workbench (8), Banking Liquidity Management (40), Banking Loans Servicing (5), Banking Origination (13), Banking Party Management (19), Banking Payments (39), Banking Platform (45), Banking Supply Chain Finance (36), Banking Trade Finance (25), Banking Trade Finance Process Management (31), Banking Treasury Management (16), Banking Virtual Account Management (28), Berkeley DB (9), Big Data Discovery (6), Big Data Graph (4), Big Data Spatial and Graph (6), Bill Presentment Architecture (1), Billing (6), Billing Analytics (1), Bills of Material (1), Blockchain Platform (22), Business Activity Monitoring (2), Business Activity Monitoring(BAM) (1), Business Intelligence Data Warehouse Administration Console (1), Business Intelligence Enterprise Edition (145), Business Process Management Suite (35), Business Transaction Management (2), CRM Gateway for Mobile Devices (3), CRM Technical Foundation (39), Cash Management (1), Category Management Planning (1), Clinical (2), Clinical Remote Data Capture (1), CloudForms Management Engine (1), Cloud Infrastructure Data Science Notebook Sessions (1), Cloud Infrastructure Storage Gateway (4), Cloud Services (2), Clusterware (4), Coherence (23), Collaboration (1), Collaborative Planning (2), Collateral Management (14), Commerce (2), Commerce Experience Manager (7), Commerce Guided Search (51), Commerce Merchandising (5), Commerce Platform (21), Commerce Service Center (2), Common Applications (9), Common Applications Calendar (9), Communications (14), Communications ASAP (4), Communications ASAP Cartridges (1), Communications Analytics (3), Communications Application Session Controller (17), Communications BRM (15), Communications BRM - Elastic Charging Engine (20), Communications BRM Elastic Charging Engine (4), Communications Billing (3), Communications Billing and Revenue Management (40), Communications Calendar Server (8), Communications Cloud Native Configuration Console (3), Communications Cloud Native Core Automated Test Suite (22), Communications Cloud Native Core Binding Support Function (73), Communications Cloud Native Core Console (38), Communications Cloud Native Core Network Data Analytics Function (3), Communications Cloud Native Core Network Exposure Function (29), Communications Cloud Native Core Network Function Cloud Native Environment (39), Communications Cloud Native Core Network Repository Function (45), Communications Cloud Native Core Network Slice Selection Function (20), Communications Cloud Native Core Policy (93), Communications Cloud Native Core Security Edge Protection Proxy (53), Communications Cloud Native Core Service Communication Proxy (21), Communications Cloud Native Core Unified Data Repository (46), Communications Contacts Server (9), Communications Control Plane Monitor (1), Communications Converged Application Server (7), Communications Converged Application Server - Service Controller (2), Communications Converged Application Server-Service Controller (1), Communications Converged Application Server Service Controller (1), Communications Convergence (14), Communications Convergent Charging Controller (13), Communications Core Session Manager (2), Communications Data Model (2), Communications Design Studio (16), Communications Diameter Intelligence Hub (11), Communications Diameter Signaling Router (85), Communications Diameter Signaling Router (DSR) (4), Communications EAGLE Application Processor (4), Communications EAGLE Element Management System (1), Communications EAGLE FTP Table Base Retrieval (3), Communications EAGLE LNP Application Processor (7), Communications EAGLE Software (3), Communications Elastic Charging Engine (5), Communications Element Manager (48), Communications Evolved Communications Application Server (8), Communications Fraud Monitor (2), Communications IP Service Activator (7), Communications Instant Messaging Server (22), Communications Interactive Session Recorder (15), Communications LSMS (7), Communications Messaging Server (36), Communications MetaSolv Solution (14), Communications Network Analytics Data Director (17), Communications Network Charging (5), Communications Network Charging and Control (15), Communications Network Integrity (17), Communications Network Intelligence (1), Communications Offline Mediation Controller (12), Communications Online Mediation Controller (1), Communications Operations Monitor (31), Communications Order (4), Communications Order and Service Management (12), Communications Performance Intelligence Center (PIC) Software (8), Communications Performance Intelligence Center Software (7), Communications Policy Management (34), Communications Pricing Design Center (30), Communications Service Broker (4), Communications Service Broker Engineered System Edition (1), Communications Service Catalog and Design (17), Communications Services Gatekeeper (21), Communications Session Border Controller (22), Communications Session Report Manager (50), Communications Session Route Manager (34), Communications Session Router (6), Communications Subscriber-Aware Load Balancer (4), Communications Unified Assurance (33), Communications Unified Inventory Management (44), Communications Unified Session Manager (6), Communications User Data Repository (16), Communications WebRTC Session Controller (28), Compensation Workbench (1), Complex Maintenance, Repair, and Overhaul (35), Concurrent Processing (2), Configuration (1), Configuration Manager (5), Configurator (7), Construction (10), Construction and Engineering (3), Content Manager (3), Contract Lifecycle Management for Public Sector (1), Control (5), Converged Application Server (1), Converged Application Server - Service Controller (1), Converged Commerce (1), Convergence (2), Cost Management (1), Crystal Ball (1), Customer Interaction History (8), Customer Management (6), Customers Online (1), Data Integrator (35), Data Masking (1), Data Visualization Desktop (1), Database (86), Database Enterprise Edition (9), Database Enterprise Edition RDBMS Security (1), Database Enterprise Edition Recovery (1), Database Enterprise Edition Sharding (1), Database Server (117), Deal Management (1), Demantra Demand Management (7), Deployment (4), Depot Repair (10), Diagnostic Assistant (2), Diameter Signaling Router (DSR) (3), Directory Server Enterprise Edition (3), Discovery (5), Documaker (19), Documaker Enterprise Edition (3), Document Management (1), Document Management and Collaboration (2), E-Business Intelligence (6), E-Business Suite (44), E-Business Suite Cloud Manager and Cloud Backup Module (1), E-Business Suite Information Discovery (2), E-Business Suite Secure Enterprise Search (1), E-Business Suite Technology Stack (2), E-Business Suite  (7), E-Business Tax (1), E-Records (1), EAGLE (Software) (1), Email Center (17), Endeca Information Discovery Integrator (14), Endeca Information Discovery Studio (11), Endeca Server (9), Engineering (2), Engineering Data Management (1), Engineering Suite (10), Enterprise Asset Management (2), Enterprise Command Center Framework (4), Enterprise Communications Broker (19), Enterprise Data Quality (28), Enterprise Manager Base Platform (101), Enterprise Manager Fusion Middleware Control (1), Enterprise Manager Ops Center (56), Enterprise Manager for Database (9), Enterprise Manager for Exadata (2), Enterprise Manager for Fusion Applications (1), Enterprise Manager for Fusion Middleware (11), Enterprise Manager for MySQL Database (5), Enterprise Manager for Peoplesoft (4), Enterprise Manager for Storage Management (2), Enterprise Manager for Virtual Infrastructure (1), Enterprise Manager for Virtualization (8), Enterprise Operations Monitor (8), Enterprise Repository (26), Enterprise Session Border Controller (16), Enterprise Session Router (1), Enterprise Telephony Fraud Monitor (1), Equipment Management for Pharmaceuticals (1), Essbase (27), Essbase Analytic Provider Services (3), Ethernet Switch ES1-24 (1), Ethernet Switch ES2-64 (1), Ethernet Switch ES2-72 (1), Ethernet Switch TOR-72 (1), Explorer (1), FLEXCUBE Core Banking (16), FLEXCUBE Direct Banking (9), FLEXCUBE Enterprise Limits (14), FLEXCUBE Enterprise Limits and Collateral Management (2), FLEXCUBE Investor Servicing (38), FLEXCUBE Private Banking (53), FLEXCUBE Universal Banking (76), FMW Platform (3), Field Service (6), Financial Services - Regulatory Reporting for Reserve Bank of India - Lombard Risk Integration Pack (1), Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack (1), Financial Services Analytical Applications Infrastructure (75), Financial Services Analytical Applications Reconciliation Framework (4), Financial Services Asset Liability Management (8), Financial Services Balance Computation Engine (1), Financial Services Balance Sheet Planning (5), Financial Services Basel Regulatory Capital Basic (4), Financial Services Basel Regulatory Capital Internal Ratings Based Approach (4), Financial Services Behavior Detection Platform (23), Financial Services Compliance Regulatory Reporting (1), Financial Services Compliance Studio (4), Financial Services Crime and Compliance Investigation Hub (1), Financial Services Crime and Compliance Management Studio (24), Financial Services Currency Transaction Reporting (1), Financial Services Data Foundation (3), Financial Services Data Governance for US Regulatory Reporting (2), Financial Services Data Integration Hub (5), Financial Services Deposit Insurance Calculations for Liquidity Risk Management (2), Financial Services Enterprise Case Management (12), Financial Services Enterprise Financial Performance Analytics (2), Financial Services Foreign Account Tax Compliance Act Management (1), Financial Services Funds Transfer Pricing (11), Financial Services Hedge Management (7), Financial Services Hedge Management and IFRS Valuations (1), Financial Services Institutional Performance Analytics (6), Financial Services Lending (2), Financial Services Lending and Leasing (3), Financial Services Liquidity Risk Management (7), Financial Services Liquidity Risk Measurement (2), Financial Services Liquidity Risk Measurement and Management (2), Financial Services Loan Loss Forecasting (7), Financial Services Loan Loss Forecasting and Provisioning (2), Financial Services Market Risk (2), Financial Services Market Risk Measurement (7), Financial Services Market Risk Measurement and Management (4), Financial Services Model Management and Governance (25), Financial Services Price Creation (5), Financial Services Price Creation and Discovery (3), Financial Services Profitability Management (10), Financial Services Reconciliation Framework (1), Financial Services Regulatory Reporting (1), Financial Services Regulatory Reporting for De Nederlandsche Bank (1), Financial Services Regulatory Reporting for European Banking Authority (2), Financial Services Regulatory Reporting for European Banking Authority - Integration Pack for Lombard Risk (1), Financial Services Regulatory Reporting for US Federal Reserve (2), Financial Services Regulatory Reporting with AgileREPORTER (4), Financial Services Retail Customer Analytics (4), Financial Services Retail Performance Analytics (2), Financial Services Revenue Management (4), Financial Services Revenue Management and Billing (17), Financial Services Revenue Management and Billing Analytics (2), Financial Services Trade-Based Anti Money Laundering Enterprise Edition (10), Financials (1), Financials Common Modules (1), Forms (1), Fuel POS Software (7), Fujitsu M10-1 (19), Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers (4), Fujitsu M10-4 (19), Fujitsu M10-4S (19), Fujitsu M12-1 (20), Fujitsu M12-2 (20), Fujitsu M12-2S (12), Fujitsu M12-2S Servers (8), Fusion Middleware (14), Fusion Middleware MapViewer (23), General Ledger (4), GlassFish Open Source Edition (1), GlassFish Server (9), GlassFish Server Open Source Edition (3), Global Lifecycle Management (2), Global Lifecycle Management FMW Installer (1), Global Lifecycle Management NextGen OUI Framework (7), Global Lifecycle Management OPatch (3), Global Lifecycle Management OPatchAuto (1), Global Order Promising (1), GoldenGate (16), GoldenGate Application Adapter (2), GoldenGate Application Adapters (9), GoldenGate Big Data (2), GoldenGate Stream Analytics (6), GoldenGate Studio (3), GoldenGate Veridata (4), GoldenGate for Big Data (1), Goldengate (1), GraalVM (6), GraalVM Enterprise Edition (39), GraalVM for JDK (5), Graph Server and Client (7), HCM Common Architecture (1), HRMS (France) (1), HTTP Server (59), Hardware Management Pack (2), Health Sciences Central Coding (1), Health Sciences Clinical Development Analytics (1), Health Sciences Data Management Workbench (7), Health Sciences Empirica Inspections (3), Health Sciences Empirica Signal (8), Health Sciences InForm (9), Health Sciences InForm CRF Submit (1), Health Sciences InForm Publisher (1), Health Sciences Information Manager (8), Health Sciences Sciences Data Management Workbench (1), Healthcare Data Repository (13), Healthcare Foundation (11), Healthcare Master Person Index (10), Healthcare Translational Research (17), Helidon (3), Help Technologies (1), Hospitality 9700 (2), Hospitality Cruise AffairWhere (2), Hospitality Cruise Dining Room Management (4), Hospitality Cruise Fleet Management (14), Hospitality Cruise Fleet Management System (5), Hospitality Cruise Materials Management (4), Hospitality Cruise Shipboard Property Management System (20), Hospitality Gift (4), Hospitality Gift and Loyalty (1), Hospitality Guest Access (27), Hospitality Hotel Mobile (6), Hospitality Inventory Management (5), Hospitality Labor Management (2), Hospitality Materials Control (6), Hospitality OPERA 5 (11), Hospitality OPERA 5 Property Services (12), Hospitality Property Interfaces (2), Hospitality RES 3700 (5), Hospitality Reporting (30), Hospitality Reporting and Analytics (8), Hospitality Simphony (34), Hospitality Simphony First Edition (5), Hospitality Simphony First Edition Venue Management (1), Hospitality Suite (1), Hospitality Suite8 (23), Hospitality Suites Management (2), Hospitality Token Proxy Service (3), Hospitality WebSuite8 Cloud Service (3), Hospitality e7 (3), Human Resources (8), Hyperion (9), Hyperion Analytic Provider Services (2), Hyperion BI+ (11), Hyperion Calculation Manager (3), Hyperion Data Relationship Management (7), Hyperion Enterprise Performance Management Architect (1), Hyperion Essbase (3), Hyperion Essbase Administration Services (3), Hyperion Financial Close Management (3), Hyperion Financial Data Quality Management (1), Hyperion Financial Management (6), Hyperion Financial Reporting (12), Hyperion Infrastructure Technology (25), Hyperion Lifecycle Management (2), Hyperion Planning (11), Hyperion Profitability and Cost Management (1), Hyperion Tax Provision (1), Hyperion Workspace (2), IFRS Valuations (7), Identity Analytics (3), Identity Management Suite (4), Identity Manager (18), Identity Manager Connector (10), In-Memory Performance-Driven Planning (1), Incentive Compensation (3), Installed Base (12), Instant Messaging Server (2), Instantis EnterpriseTrack (31), Insurance Accounting Analyzer (4), Insurance Allocation Manager for Enterprise Profitability (4), Insurance Calculation Engine (8), Insurance Data Foundation (2), Insurance Data Gateway (4), Insurance IFRS 17 Analyzer (2), Insurance Insbridge Rating (1), Insurance Insbridge Rating and Underwriting (7), Insurance Performance Insight (2), Insurance Policy Administration (15), Insurance Policy Administration J2EE (12), Insurance Policy Administration Operational Data Store for Life and Annuity (5), Insurance Rules Palette (14), Integrated Lights Out Manager (6), Integrated Lights Out Manager (ILOM) (2), Interaction Center Intelligence (2), Interactive Session Recorder (2), Internet Directory (4), Internet Expenses (3), JD Edwards EnterpriseOne Orchestrator (24), JD Edwards EnterpriseOne Tools (114), JD Edwards World Security (11), JD Edwards World Technical Foundation (1), JDK (1), JDeveloper (20), JDeveloper and ADF (1), Java Advanced Management Console (6), Java ME SDK (1), Java SE (290), Java SE JDK (6), Java SE JRE (6), Java VM (1), Knowledge (16), Knowledge Management (9), Labor Distribution (1), Landed Cost Management (1), Learning Management (2), Lease and Finance Management (1), Leasing (2), Legal Entity Configurator (1), Life Sciences InForm (1), Life Sciences InForm Publisher (1), Linux (2), Linux UEK (1), Load (2), Loans (1), Loyalty (4), M7 (1), M10-1 (2), M10-4 (2), M10-4S (2), M12-1 (2), M12-2 (2), M12-2S (2), M3000 (1), M4000 (2), M5000 (2), M8000 (2), M9000 (1), M9000 Servers (1), MES for Process Manufacturing (2), MICROS 700 Series Tablet (2), MICROS BellaVita (1), MICROS Compact Workstation 3 (1), MICROS ES400 Series (1), MICROS Handheld Terminal (4), MICROS Kitchen Display Controller (1), MICROS Kitchen Display System Hardware (1), MICROS Lucas (4), MICROS PC Workstation 2015 (3), MICROS Relate CRM Software (9), MICROS Retail-J (7), MICROS Retail XBRi Loss Prevention (7), MICROS Workstation 5A (1), MICROS Workstation 6 (5), MICROS Workstation 650 (2), MICROS XBR (1), MICROS XBRi (1), Managed File Transfer (18), Management (9), Management Cloud Engine (8), Management Pack for GoldenGate (4), MapViewer (1), Marketing (40), Marketing Encyclopedia System (1), Messaging Server (1), Middleware Common Libraries and Tools (39), Mobile Field Service (4), Mobile Security Suite (3), MySQL (1), MySQL Client (14), MySQL Cluster (89), MySQL Connectors (48), MySQL Enterprise Backup (4), MySQL Enterprise Monitor (72), MySQL Installer (2), MySQL NDB Cluster (4), MySQL Server (874), MySQL Shell (5), MySQL Shell for VS Code (1), MySQL Workbench (38), NetSuite (2), NoSQL Database (8), OPatch (1), OSS Support Tools (26), One-to-One Fulfillment (22), Online Mediation Controller (2), OpenGrok (1), OpenJDK (1), OpenSSO (1), Operational Analytics (2), Operations Intelligence (1), Optimization (1), Order Management (1), Outside In Technology (165), Partner Management (7), Payables (2), Payment Interface (2), PeopleSoft (1), PeopleSoft Enterprise CC Common Application Objects (6), PeopleSoft Enterprise CS Academic Advisement (3), PeopleSoft Enterprise CS Campus Community (5), PeopleSoft Enterprise CS Financial Aid (1), PeopleSoft Enterprise CS SA Integration Pack (2), PeopleSoft Enterprise CS Student Records (1), PeopleSoft Enterprise Common Components (1), PeopleSoft Enterprise ELM (1), PeopleSoft Enterprise ELM Enterprise Learning Management (2), PeopleSoft Enterprise FIN Cash Management (1), PeopleSoft Enterprise FIN Common Application Objects (1), PeopleSoft Enterprise FIN Expenses (4), PeopleSoft Enterprise FIN Install (2), PeopleSoft Enterprise FIN Payables (1), PeopleSoft Enterprise FIN Project Costing (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Argentina (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Brazil (1), PeopleSoft Enterprise FSCM (7), PeopleSoft Enterprise HCM (3), PeopleSoft Enterprise HCM Absence Management (1), PeopleSoft Enterprise HCM Benefits Administration (1), PeopleSoft Enterprise HCM Candidate Gateway (1), PeopleSoft Enterprise HCM Global Payroll Core (2), PeopleSoft Enterprise HCM Global Payroll Switzerland (2), PeopleSoft Enterprise HCM Human Resources (10), PeopleSoft Enterprise HCM Shared Components (3), PeopleSoft Enterprise HCM Talent Acquisition Manager (1), PeopleSoft Enterprise HCM eProfile Manager Desktop (1), PeopleSoft Enterprise HRMS (3), PeopleSoft Enterprise Interaction Hub (1), PeopleSoft Enterprise PRTL Interaction Hub (16), PeopleSoft Enterprise PT PeopleTools (23), PeopleSoft Enterprise PeopleTools (264), PeopleSoft Enterprise SCM (1), PeopleSoft Enterprise SCM Purchasing (4), PeopleSoft Enterprise SCM eProcurement (6), PeopleSoft Enterprise SCM eSupplier Connection (1), PeopleSoft HRMS (1), PeopleSoft PeopleTools (1), Performance Management (1), Platform Security for Java (1), Policy Automation (11), Policy Automation Connector for Siebel (5), Policy Automation for Mobile Devices (5), Primavera Analytics (2), Primavera Data Warehouse (1), Primavera Gateway (45), Primavera P6 Enterprise Project Portfolio Management (39), Primavera P6 Professional Project Management (1), Primavera Portfolio Management (13), Primavera Unifier (78), Process Manufacturing Financials (1), Process Manufacturing Product Development (2), Product Hub (2), Product Lifecycle Analytics (9), Production Scheduling (1), Project Contracts (1), Project Costing (1), Projects (1), Provisioning (7), Public Sector Financials International (1), Purchasing (2), Quoting (3), REST Data Services (15), Rapid Planning (17), Real-Time Decision Server (6), Real-Time Decisions (RTD) Solutions (2), Real-Time Scheduler (2), Real User Experience Insight (5), Receivables (1), Reports Developer (4), Retail Advanced Inventory Planning (10), Retail Allocation (5), Retail Analytics (1), Retail Assortment Planning (18), Retail Back Office (21), Retail Bulk Data Integration (13), Retail Category Management Planning & Optimization (1), Retail Central Office (20), Retail Clearance Optimization Engine (8), Retail Convenience (7), Retail Convenience Store Back Office (1), Retail Customer Engagement (3), Retail Customer Insights (12), Retail Customer Management (17), Retail Customer Management and Segmentation Foundation (33), Retail Data Extractor for Merchandising (3), Retail EFTLink (12), Retail Extract Transform (2), Retail Extract Transform and Load (5), Retail Financial Integration (21), Retail Fiscal Management (6), Retail Fusion Platform (1), Retail Insights (2), Retail Insights Cloud Service Suite (1), Retail Integration Bus (36), Retail Invoice Matching (12), Retail Item Planning (2), Retail Macro Space Optimization (2), Retail Markdown Optimization (4), Retail Merchandise Financial Planning (2), Retail Merchandising System (29), Retail Open Commerce Platform (7), Retail Order Broker (39), Retail Order Broker Cloud Service (1), Retail Order Management System (5), Retail Order Management System Cloud Service (1), Retail Point-of-Sale (1), Retail Point-of-Service (15), Retail Point Of Service (1), Retail Predictive Application Server (24), Retail Price Management (6), Retail Pricing (1), Retail Regular Price Optimization (2), Retail Replenishment Optimization (2), Retail Returns Management (20), Retail Sales Audit (11), Retail Service Backbone (28), Retail Service Layer (1), Retail Size Profile Optimization (3), Retail Store Inventory Management (12), Retail Warehouse Management System (1), Retail Workforce Management (2), Retail Workforce Management Software (2), Retail Xstore Office (5), Retail Xstore Office Cloud Service (2), Retail Xstore Payment (2), Retail Xstore Point of Service (66), Revenue Management (6), S7 (1), SD-WAN Aware (6), SD-WAN Edge (28), SOA Suite (15), SPARC Enterprise M3000 (2), SPARC Enterprise M4000 (1), SPARC Enterprise M5000 (1), SPARC Enterprise M8000 (1), SPARC Enterprise M9000 (1), SQL Developer (5), SQLcl (1), SYNEL (1), Sales Offline (4), Sales for Handhelds (1), Scripting (6), Secure Backup (6), Secure Enterprise Search (1), Secure Global Desktop (28), Security Service (8), Segmentation Foundation (23), Self-Service Human Resources (2), Service Architecture Leveraging Tuxedo (1), Service Bus (11), Service Contracts (3), Service Intelligence (1), Service Management (4), Services Tools Bundle (2), Shipping Execution (1), Siebel Apps (5), Siebel Apps - Marketing (5), Siebel Apps-Marketing (3), Siebel Apps Field Service (1), Siebel CRM (33), Siebel CRM Desktop (2), Siebel Core (4), Siebel Core-Automation (1), Siebel Core - Automation (1), Siebel Core-Common Components (2), Siebel Core - Common Components (1), Siebel Core - DB Deployment (1), Siebel Core-DB Deployment and Configuration (1), Siebel Core - Server BizLogic Script (1), Siebel Core - Server Framework (3), Siebel Core CRM (1), Siebel Engineering (1), Siebel Engineering - Installer (3), Siebel Engineering-Installer & Deployment (1), Siebel Engineering-Rel Eng (1), Siebel Engineering Installer (1), Siebel Industry-Life Sciences (1), Siebel Mobile App (1), Siebel Mobile Applications (1), Siebel UI Framework (34), Site Hub (2), Solaris (135), Solaris Cluster (13), Solaris Operating System (2), Sourcing (3), Spatial Studio (5), Spatial and Graph (1), Storage Cloud Software Appliance (2), StorageTek ACSLS (6), StorageTek Tape Analytics (2), StorageTek Tape Analytics SW Tool (9), Stream Analytics (3), Subledger Accounting (1), Subsetting (1), Sun Systems Products Suite (3), Sun ZFS Storage Appliance (1), Sun ZFS Storage Appliance Kit (14), Sun ZFS Storage Appliance Kit (AK) (12), Sun ZFS Storage Appliance Kit Software (1), SuperCluster Specific Software (1), System Utilities (1), T7 (1), Talent Acquisition Cloud (1), Taleo Platform (1), Tape Library ACSLS (9), Tape Virtual Storage Manager GUI (1), Tekelec HLR Router (1), Tekelec Platform Distribution (5), Tekelec Virtual Operating Environment (1), Territory Management (1), Thesaurus Management System (1), Time and Labor (4), TimesTen In-Memory Database (14), Trace File Analyzer (1), Trade Management (30), Trading Community (1), Traffic Director (2), Transportation Execution (1), Transportation Management (32), Tuxedo (8), Tuxedo System (3), Underwriting (1), Unified (2), Unified Directory (3), Universal Work Queue (7), User Management (3), Utilities Advanced Spatial (2), Utilities Application Framework (9), Utilities Framework (30), Utilities Mobile Workforce Management (2), Utilities Network Management System (17), Utilities Testing Accelerator (23), Utilities Work (2), Utilties Application Framework (3), VM Server for SPARC (1), VM VirtualBox (311), Virtual Directory (3), Web Analytics (2), Web Applications Desktop Integrator (9), Web Cache (1), WebCenter Content (14), WebCenter Interaction (7), WebCenter Interaction Portal (1), WebCenter Portal (67), WebCenter Sites (41), WebCenter Sites Support Tools (1), WebLogic Portal (1), WebLogic Server (293), WebLogic Server Proxy Plug-In (2), Web Services (1), Web Services Manager (2), Weblogic Server Proxy Plug-in (1), Workflow (5), Work in Process (3), X86 Servers (1), ZFS Storage Appliance Kit (17), ZFS Storage Application Integration Engineering Software (1), iLearning (11), iPlanet Web Server (4), iProcurement (1), iReceivables (2), iRecruitment (2), iSetup (2), iStore (35), iSupplier Portal (4), iSupport (19)

Link to Vendor Website: https://www.oracle.com

PublishedBaseTempVulnerabilityProdExpRemEPSSCTICVE
11/19/20246.46.3Oracle Agile PLM Framework Software Development Kit/Process Extension improper authorizationProduct Lifecycle Management SoftwareHighOfficial Fix0.000870.05CVE-2024-21287
10/16/20243.33.2Oracle Hyperion BI+ UI/Visualization information disclosureUnknownNot DefinedOfficial Fix0.000430.07CVE-2024-21257
10/16/20242.32.2Oracle VM VirtualBox Core denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.000430.06CVE-2024-21253
10/16/20244.24.1Oracle MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000430.04CVE-2024-21213
10/16/20243.13.0Oracle MySQL Client Mysqldump improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000450.10CVE-2024-21209
10/16/20244.14.1Oracle VM VirtualBox Core information disclosureVirtualization SoftwareNot DefinedOfficial Fix0.000440.07CVE-2024-21273
10/16/20245.75.6Oracle VM VirtualBox Core improper authorizationVirtualization SoftwareNot DefinedOfficial Fix0.000430.04CVE-2024-21263
10/16/20243.93.8Oracle VM VirtualBox Core denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.000550.04CVE-2024-21248
10/16/20243.73.7Oracle Banking Liquidity Management Oracle Financial Service denial of serviceBanking SoftwareNot DefinedOfficial Fix0.000460.04CVE-2024-21281
10/16/20246.96.8Oracle VM VirtualBox Core Local Privilege EscalationVirtualization SoftwareNot DefinedOfficial Fix0.000500.04CVE-2024-21259
10/16/20242.22.1Oracle MySQL Server Telemetry information disclosureDatabase SoftwareNot DefinedOfficial Fix0.000450.05CVE-2024-21244
10/16/20242.52.4Oracle MySQL Server Telemetry information disclosureDatabase SoftwareNot DefinedOfficial Fix0.000450.04CVE-2024-21243
10/16/20242.22.1Oracle MySQL Server Group Replication GCS denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.08CVE-2024-21237
10/16/20242.22.1Oracle MySQL Server Components Service denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.06CVE-2024-21232
10/16/20243.13.0Oracle MySQL Server Client Programs denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.14CVE-2024-21231
10/16/20247.27.1Oracle Banking Liquidity Management Oracle Financial Service authorizationBanking SoftwareNot DefinedOfficial Fix0.000480.04CVE-2024-21285
10/16/20247.37.2Oracle Banking Liquidity Management Oracle Financial Service authorizationBanking SoftwareNot DefinedOfficial Fix0.000480.03CVE-2024-21284
10/16/20245.95.8Oracle MySQL Connectors ODBC denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000460.04CVE-2024-21262
10/16/20245.04.8Oracle Application Express improper authorizationUnknownNot DefinedOfficial Fix0.000450.04CVE-2024-21261
10/16/20244.34.2Oracle MySQL Cluster/MySQL Client Mysqldump improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000450.05CVE-2024-21247
10/16/20243.53.4Oracle Database Server XML Database Component denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.04CVE-2024-21242
10/16/20244.94.8Oracle MySQL Server Optimizer improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000440.04CVE-2024-21241
10/16/20244.94.8Oracle MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.07CVE-2024-21239
10/16/20245.95.7Oracle MySQL Cluster/MySQL Server Thread Pooling improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000440.04CVE-2024-21238
10/16/20244.94.8Oracle MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.08CVE-2024-21236
10/16/20244.34.2Oracle Database Server Database Core Component improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000450.07CVE-2024-21233
10/16/20246.56.3Oracle MySQL Cluster/MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.03CVE-2024-21230
10/16/20244.94.8Oracle MySQL Server DML denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.06CVE-2024-21219
10/16/20244.94.8Oracle MySQL Cluster/MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.08CVE-2024-21218
10/16/20245.04.9Oracle MySQL Server Health Monitor improper authorizationDatabase SoftwareNot DefinedOfficial Fix0.000440.04CVE-2024-21212
10/16/20244.94.8Oracle MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.05CVE-2024-21207
10/16/20244.94.8Oracle MySQL Server PS denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.03CVE-2024-21204
10/16/20244.94.8Oracle MySQL Cluster/MySQL Server FTS denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.06CVE-2024-21203
10/16/20244.94.8Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.06CVE-2024-21201
10/16/20244.94.8Oracle MySQL Server Optimizer denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.09CVE-2024-21200
10/16/20244.94.8Oracle MySQL Server InnoDB denial of serviceDatabase SoftwareNot DefinedOfficial Fix0.000440.04CVE-2024-21199
10/16/20248.88.6Oracle BI Publisher Web Server Privilege EscalationReporting SoftwareNot DefinedOfficial Fix0.000480.21CVE-2024-21254
10/16/20245.35.2Oracle Installed Base User Interface information disclosureUnknownNot DefinedOfficial Fix0.000460.03CVE-2024-21258
10/16/20247.27.0Oracle Financials Common Component improper authorizationFinancial SoftwareNot DefinedOfficial Fix0.000480.05CVE-2024-21282
10/16/20247.27.0Oracle Service Contracts Authoring improper authorizationUnknownNot DefinedOfficial Fix0.000480.21CVE-2024-21280
10/16/20247.27.0Oracle Sourcing Auctions improper authorizationUnknownNot DefinedOfficial Fix0.000480.06CVE-2024-21279
10/16/20247.27.0Oracle Contract Lifecycle Management for Public Sector Award Processes improper authorizationUnknownNot DefinedOfficial Fix0.000480.00CVE-2024-21278
10/16/20247.27.0Oracle MES for Process Manufacturing Device Integration improper authorizationUnknownNot DefinedOfficial Fix0.000480.00CVE-2024-21277
10/16/20247.27.0Oracle Work in Process Messages improper authorizationUnknownNot DefinedOfficial Fix0.000480.03CVE-2024-21276
10/16/20247.27.0Oracle Quoting User Interface improper authorizationUnknownNot DefinedOfficial Fix0.000480.03CVE-2024-21275
10/16/20247.27.0Oracle Field Service Engineer Portal improper authorizationUnknownNot DefinedOfficial Fix0.000480.04CVE-2024-21271
10/16/20247.27.0Oracle Common Applications Calendar Tasks improper authorizationCalendar SoftwareNot DefinedOfficial Fix0.000480.03CVE-2024-21270
10/16/20247.27.0Oracle Incentive Compensation Compensation Plan improper authorizationUnknownNot DefinedOfficial Fix0.000480.05CVE-2024-21269
10/16/20247.27.0Oracle Applications Manager Diagnostics improper authorizationUnknownNot DefinedOfficial Fix0.000480.04CVE-2024-21268
10/16/20247.27.0Oracle Cost Management Cost Planning improper authorizationUnknownNot DefinedOfficial Fix0.000480.03CVE-2024-21267

9950 more entries are not shown

Do you need the next level of professionalism?

Upgrade your account now!