Oracle Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Oracle MySQL Server1051
Oracle Java SE559
Oracle E-Business Suite455
Oracle Database Server455
Oracle Solaris370

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix10694
Temporary Fix0
Workaround24
Unavailable6
Not Defined1090

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High238
Functional4
Proof-of-Concept775
Unproven587
Not Defined10210

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical19
Local1459
Adjacent135
Network10201

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High1145
Low3128
None7541

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required2498
None9316

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤212
≤3122
≤4578
≤51649
≤62523
≤71923
≤82013
≤91541
≤101453

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤213
≤3206
≤4723
≤51765
≤63032
≤71757
≤82267
≤9825
≤101226

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤12
≤217
≤3133
≤4592
≤51659
≤62536
≤71949
≤81921
≤91515
≤101490

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤27
≤344
≤4247
≤5609
≤61025
≤71270
≤81312
≤9977
≤101069

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤21
≤325
≤423
≤590
≤6112
≤7138
≤8116
≤9154
≤1015

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤12
≤211
≤347
≤4183
≤5540
≤6671
≤7804
≤8811
≤9753
≤10649

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k18
<2k98
<5k1331
<10k3162
<25k4596
<50k1554
<100k569
≥100k486

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k7212
<2k948
<5k1976
<10k638
<25k900
<50k140
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (1068): 8i (2), 9i (1), 9iAS (3), 9i Application Server (2), 10g Enterprise Manager Database Control (1), 40G 10G 72 (1), 64 Ethernet Switch (1), ADF (3), APEX (5), API Gateway (16), Access Manager (26), Adaptive Access Manager (5), Administration Web Server (1), Advanced Collections (2), Advanced Inbound Telephony (2), Advanced Outbound Telephony (14), Advanced Pricing (1), Advanced Queuing component (1), Advanced Supply Chain Planning (3), Advanced Support Gateway (1), Agile (3), Agile Collaboration Framework (1), Agile Engineering Data Management (25), Agile Material (1), Agile PLM (87), Agile PLM Framework (10), Agile PLM MCAD Connector (5), Agile PLM for Process (2), Agile Product Collaboration (2), Agile Product Lifecycle (2), Agile Product Lifecycle Management Integration Pack for E-Business Suite (2), Agile Product Lifecycle Management Integration Pack for SAP: Design to Release (1), Agile Product Lifecycle Management for Process (10), Agile Recipe Management for Pharmaceuticals (3), Airlines Data Model (1), Analytics (30), Application (2), Application Express (4), Application Express Listener (1), Application Management Pack for E-Business Suite (1), Application Object Library (22), Application Performance Management (2), Application Performance Management (APM) (1), Application Server (125), Application Server 9i (2), Application Server 10g (8), Application Server Discussion Forum Portlet (2), Application Server Portal (5), Application Server Web Cache (6), Application Service Level Management (1), Application Session Controller (4), Application Testing Suite (34), Applications (5), Applications DBA (3), Applications Framework (19), Applications Manager (16), Applications Monitor (3), Applications Technology Stack (4), Approvals Management (1), ArchivistaBox (1), Argus Analytics (1), Argus Insight (1), Argus Mart (1), Argus Safety (11), Asset Management (3), Asset Management (v1) (1), Audit Vault (1), Authentication component (2), Auto Service Request (1), AutoVue (6), AutoVue 3D Professional Advanced (1), AutoVue Office (1), AutoVue VueLink Integration (1), Automatic Service Request (10), Autonomous Health Framework (1), Autovue for Agile Product Lifecycle Management (4), BAM (Business Activity Monitoring) (3), BEA Product Suite (30), BEA WebLogic (1), BEA WebLogic Portal (1), BI Publisher (59), BI Publisher (formerly XML Publisher) (3), Back Office (1), Banking APIs (9), Banking Cash Management (1), Banking Corporate Lending (22), Banking Corporate Lending Process Management (11), Banking Credit Facilities Process Management (11), Banking Deposits and Lines of Credit Servicing (2), Banking Digital Experience (12), Banking Enterprise Collections (4), Banking Enterprise Default Management (9), Banking Enterprise Originations (4), Banking Enterprise Product Manufacturing (5), Banking Extensibility Workbench (6), Banking Liquidity Management (8), Banking Loans Servicing (2), Banking Party Management (7), Banking Payments (31), Banking Platform (39), Banking Supply Chain Finance (10), Banking Trade Finance (7), Banking Trade Finance Process Management (8), Banking Treasury Management (9), Banking Virtual Account Management (10), Bea Product Suite (2), Beehive (1), Berkeley DB (53), Big Data Discovery (7), Big Data Graph (6), Big Data Spatial and Graph (2), Bill Presentment Architecture (1), Billing (6), Billing Analytics (1), Bills of Material (1), Blockchain Platform (15), Business Activity Monitoring (2), Business Intelligence Data Warehouse Administration Console (1), Business Intelligence Enterprise Edition (67), Business Process Management Suite (20), Business Transaction Management (2), COREid Access (1), CRM Gateway for Mobile Devices (3), CRM Technical Foundation (40), Cash Management (1), Category Management Planning (1), Central Designer (1), Client Utility (1), Clinical (4), Clinical Remote (1), Clinical Remote Data Capture Option (1), CloudForms Management Engine (1), Cloud Infrastructure Data Science Notebook Sessions (1), Cloud Infrastructure Storage Gateway (4), Cloud Services (2), Cluster (1), Clusterware (4), Coherence (12), Collaboration (1), Collaboration Suite (28), Collaborative Planning (1), Collateral Management (25), Commerce (2), Commerce Experience Manager (14), Commerce Guided Search (30), Commerce Merchandising (4), Commerce Platform (14), Commerce Service Center (3), Common Applications (8), Common Applications Calendar (10), Communications (23), Communications ASAP (4), Communications ASAP Cartridges (1), Communications Analytics (3), Communications Application Session Controller (17), Communications BRM (15), Communications BRM - Elastic Charging Engine (6), Communications BRM Elastic Charging Engine (4), Communications Billing (3), Communications Billing and Revenue Management (24), Communications Calendar Server (6), Communications Cloud Native Core Automated Test Suite (10), Communications Cloud Native Core Binding Support Function (12), Communications Cloud Native Core Console (14), Communications Cloud Native Core Network Exposure Function (2), Communications Cloud Native Core Network Function Cloud Native Environment (15), Communications Cloud Native Core Network Repository Function (9), Communications Cloud Native Core Network Slice Selection Function (10), Communications Cloud Native Core Policy (51), Communications Cloud Native Core Security Edge Protection Proxy (12), Communications Cloud Native Core Service Communication Proxy (15), Communications Cloud Native Core Unified Data Repository (15), Communications Contacts Server (7), Communications Control Plane Monitor (1), Communications Converged Application Server (6), Communications Converged Application Server - Service Controller (1), Communications Converged Application Server Service Controller (1), Communications Convergence (9), Communications Convergent Charging Controller (3), Communications Core Session Manager (1), Communications Data Model (1), Communications Design Studio (10), Communications Diameter Intelligence Hub (9), Communications Diameter Signaling Router (50), Communications Diameter Signaling Router (DSR) (5), Communications EAGLE Application Processor (6), Communications EAGLE Element Management System (1), Communications EAGLE FTP Table Base Retrieval (3), Communications EAGLE LNP Application Processor (7), Communications EAGLE Software (3), Communications Element Manager (29), Communications Evolved Communications Application Server (7), Communications Fraud Monitor (1), Communications IP Service Activator (4), Communications Instant Messaging Server (14), Communications Interactive Session Recorder (13), Communications LSMS (8), Communications Messaging Server (31), Communications MetaSolv Solution (10), Communications Network Charging (6), Communications Network Charging and Control (5), Communications Network Integrity (16), Communications Network Intelligence (1), Communications Offline Mediation Controller (10), Communications Online Mediation Controller (1), Communications Operations Monitor (27), Communications Order (4), Communications Order and Service Management (2), Communications Performance Intelligence Center (PIC) Software (7), Communications Performance Intelligence Center Software (8), Communications Policy Management (45), Communications Pricing Design Center (21), Communications Security Gateway (2), Communications Service Broker (4), Communications Service Broker Engineered System Edition (2), Communications Services Gatekeeper (18), Communications Session Border Controller (25), Communications Session Report Manager (34), Communications Session Route Manager (34), Communications Session Router (5), Communications Subscriber-Aware Load Balancer (3), Communications Tekelec HLR Router (1), Communications Unified (4), Communications Unified Inventory Management (24), Communications Unified Session Manager (6), Communications User Data Repository (5), Communications WebRTC Session Controller (25), Compensation Workbench (1), Complex Maintenance (1), Complex Maintenance, Repair, and Overhaul (3), Concurrent Processing (2), Configuration (1), Configuration Manager (5), Configurator (12), Construction (10), Construction and Engineering (3), Containers for J2EE (10), Content Manager (3), Control (6), Converged Application Server (1), Converged Application Server - Service Controller (1), Converged Commerce (1), Convergence (2), Core RDBMS component (1), Customer Interaction History (7), Customer Management (6), Customers Online (1), DB (2), Data Integrator (30), Data Masking (1), Data Pump component (2), Data Visualization Desktop (1), Database (160), Database 9i (7), Database 10g (25), Database 11g (5), Database 11i (8), Database Assistant (1), Database Lite Server (1), Database Mobile (5), Database Mobile Server (1), Database Scheduler (1), Database Server (455), Database_server (1), Database server (4), Deal Management (1), Demand Planning (2), Demantra Demand Management (11), Deployment (4), Depot Repair (10), Diagnostic Assistant (2), Diagnostics (1), Diameter Signaling Router (DSR) (3), Directory Server Enterprise Edition (7), Discoverer (2), Discovery (5), Documaker (12), Document Management (1), Document Management and Collaboration (2), E-Business (6), E-Business Intelligence (6), E-Business Suite (455), E-Business Suite 12 (1), E-Business Suite Application Object Library (1), E-Business Suite Applications Framework (1), E-Business Suite Applications Manager (1), E-Business Suite Applications Technology Stack (1), E-Business Suite CRM (1), E-Business Suite Cloud Manager and Cloud Backup Module (1), E-Business Suite Information Discovery (1), E-Business Suite Secure Enterprise Search (2), E-Business Suite Technology Stack (1), E-Business Suite´┐Ż (7), E-Business Tax (1), E-Records (1), E-business Suite 11i (2), E-business Suite 12 (1), EAGLE (Software) (1), Email Center (21), Endeca Information Discovery Integrator (14), Endeca Information Discovery Studio (18), Endeca Server (12), Engineering (2), Engineering Data Management (1), Engineering Suite (10), Enterprise (4), Enterprise Asset Management (2), Enterprise Command Center Framework (1), Enterprise Communications Broker (22), Enterprise Data Quality (12), Enterprise Grid Manager (2), Enterprise Manager (74), Enterprise Manager Base Platform (96), Enterprise Manager Grid Control (36), Enterprise Manager Grid Control 10g (1), Enterprise Manager Ops Center (61), Enterprise Manager for Database (6), Enterprise Manager for Exadata (1), Enterprise Manager for Fusion Applications (1), Enterprise Manager for Fusion Middleware (9), Enterprise Manager for MySQL Database (5), Enterprise Manager for Peoplesoft (3), Enterprise Manager for Storage Management (2), Enterprise Manager for Virtualization (6), EnterpriseOne (4), Enterprise Operations Monitor (1), Enterprise Repository (26), Enterprise Session Border Controller (22), Enterprise Telephony Fraud Monitor (1), Enterpriseone (1), Equipment Management for Pharmaceuticals (1), Essbase (13), Essbase Analytic Provider Services (3), Ethernet Switch ES1-24 (1), Ethernet Switch ES2-64 (2), Ethernet Switch ES2-72 (2), Ethernet Switch TOR-72 (1), Event Processing (1), Exalogic Infrastructure (8), Exchange (1), Experience Manager (1), Explorer (1), FLEXCUBE Core Banking (15), FLEXCUBE Direct Banking (51), FLEXCUBE Enterprise Limits (25), FLEXCUBE Investor Servicing (44), FLEXCUBE Private Banking (72), FLEXCUBE Universal Banking (99), FMW Platform (3), Field Service (5), Files (1), Financial Services - Regulatory Reporting for Reserve Bank of India - Lombard Risk Integration Pack (1), Financial Services - Regulatory Reporting for US Federal Reserve - Lombard Risk Integration Pack (1), Financial Services Analytical Applications Infrastructure (60), Financial Services Analytical Applications Reconciliation Framework (3), Financial Services Asset Liability Management (8), Financial Services Balance Sheet Planning (4), Financial Services Basel Regulatory Capital Basic (5), Financial Services Basel Regulatory Capital Internal Ratings Based Approach (5), Financial Services Behavior Detection Platform (7), Financial Services Compliance Regulatory Reporting (1), Financial Services Crime and Compliance Investigation Hub (1), Financial Services Data Foundation (4), Financial Services Data Governance for US Regulatory Reporting (1), Financial Services Data Integration Hub (5), Financial Services Deposit Insurance Calculations for Liquidity Risk Management (1), Financial Services Enterprise Case Management (5), Financial Services Enterprise Financial Performance Analytics (2), Financial Services Foreign Account Tax Compliance Act Management (1), Financial Services Funds Transfer Pricing (11), Financial Services Hedge Management (8), Financial Services Hedge Management and IFRS Valuations (1), Financial Services Institutional Performance Analytics (6), Financial Services Lending (4), Financial Services Liquidity Risk Management (8), Financial Services Liquidity Risk Measurement (2), Financial Services Liquidity Risk Measurement and Management (1), Financial Services Loan Loss Forecasting (8), Financial Services Loan Loss Forecasting and Provisioning (1), Financial Services Market Risk (2), Financial Services Market Risk Measurement (7), Financial Services Market Risk Measurement and Management (4), Financial Services Model Management and Governance (4), Financial Services Price Creation (5), Financial Services Price Creation and Discovery (3), Financial Services Pricing Management (1), Financial Services Profitability Management (10), Financial Services Reconciliation Framework (2), Financial Services Regulatory Reporting for De Nederlandsche Bank (1), Financial Services Regulatory Reporting for European Banking Authority (2), Financial Services Regulatory Reporting for European Banking Authority - Integration Pack for Lombard Risk (1), Financial Services Regulatory Reporting for US Federal Reserve (2), Financial Services Regulatory Reporting with AgileREPORTER (3), Financial Services Retail Customer Analytics (5), Financial Services Retail Performance Analytics (2), Financial Services Revenue Management (4), Financial Services Revenue Management and Billing (2), Financial Services Revenue Management and Billing Analytics (2), Financial Services Trade-Based Anti Money Laundering Enterprise Edition (1), Financials Common Modules (1), Forms (5), Forms Builder (1), Fuel POS Software (7), Fujitsu M10-1 (21), Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers (4), Fujitsu M10-4 (18), Fujitsu M10-4S (18), Fujitsu M12-1 (16), Fujitsu M12-2 (16), Fujitsu M12-2S (8), Fujitsu M12-2S Servers (8), Fujitsu M Server (2), Fulfillment Manager (1), Fusion Middleware (181), Fusion Middleware MapViewer (20), General Ledger (4), GlassFish Communications Server (1), GlassFish Enterprise Server (7), GlassFish Open Source Edition (1), GlassFish Server (39), GlassFish Server Open Source Edition (3), Glassfish Web Space Server10.0 (1), Global Lifecycle Management (2), Global Lifecycle Management NextGen OUI Framework (1), Global Lifecycle Management OPatch (2), Global Lifecycle Management OPatchAuto (1), Global Order Promising (1), GoldenGate (14), GoldenGate Application Adapter (2), GoldenGate Application Adapters (9), GoldenGate Big Data (1), GoldenGate Monitor (1), GoldenGate Stream Analytics (2), GoldenGate Veridata (2), GoldenGate for Big Data (1), GraalVM Enterprise Edition (29), Graph Server and Client (3), Grid Engine (2), HRMS (France) (1), HTTP Server (85), Hardware Management Pack (2), Health Sciences Argus Safety (1), Health Sciences Central Coding (1), Health Sciences Clinical Development Analytics (1), Health Sciences Clinical Development Center (2), Health Sciences Data Management Workbench (2), Health Sciences Empirica Inspections (4), Health Sciences Empirica Signal (6), Health Sciences Empirica Study (1), Health Sciences InForm (6), Health Sciences InForm CRF Submit (1), Health Sciences InForm Publisher (1), Health Sciences Information Manager (7), Healthcare Analytics Data Integration (1), Healthcare Data Repository (10), Healthcare Foundation (8), Healthcare Master Person Index (9), Healthcare Translational Research (6), Helidon (3), Help Technologies (1), Hospitality 9700 (2), Hospitality Cruise AffairWhere (2), Hospitality Cruise Dining Room Management (4), Hospitality Cruise Fleet Management (14), Hospitality Cruise Fleet Management System (4), Hospitality Cruise Materials Management (4), Hospitality Cruise Shipboard Property Management System (14), Hospitality Gift (4), Hospitality Guest Access (27), Hospitality Hotel Mobile (6), Hospitality Inventory Management (3), Hospitality Labor Management (1), Hospitality Materials Control (5), Hospitality OPERA 5 (9), Hospitality OPERA 5 Property Services (18), Hospitality Property Interfaces (2), Hospitality RES 3700 (5), Hospitality Reporting (30), Hospitality Reporting and Analytics (4), Hospitality Simphony (28), Hospitality Simphony First Edition (5), Hospitality Simphony First Edition Venue Management (1), Hospitality Suite (1), Hospitality Suite8 (22), Hospitality Suites Management (2), Hospitality Token Proxy Service (3), Hospitality WebSuite8 Cloud Service (3), Hospitality e7 (3), Human Resources (7), Hyperion (17), Hyperion Analytic Provider Services (3), Hyperion BI+ (13), Hyperion Calculation Manager (1), Hyperion Common Admin (2), Hyperion Data Relationship Management (6), Hyperion Enterprise Performance Management Architect (5), Hyperion Essbase (5), Hyperion Essbase Administration Services (2), Hyperion Financial Close Management (3), Hyperion Financial Management (6), Hyperion Financial Reporting (10), Hyperion Infrastructure Technology (17), Hyperion Lifecycle Management (2), Hyperion Planning (7), Hyperion Production Reporting Server (1), Hyperion Profitability and Cost Management (1), Hyperion Smart View for Office (1), Hyperion Strategic Finance (1), Hyperion Tax Provision (1), Hyperion Workspace (1), IFRS Valuations (8), ILOM (13), Identity Analytics (5), Identity Federation (2), Identity Management Suite (3), Identity Manager (21), Identity Manager Connector (8), In-Memory Performance-Driven Planning (1), In-Memory Policy Analytics (1), Incentive Compensation (2), Industry (1), Industry Applications (4), Industry Product Suite (6), Installed Base (6), Instance Management component (1), Instant Messaging Server (2), Instantis EnterpriseTrack (32), Insurance Accounting Analyzer (4), Insurance Allocation Manager for Enterprise Profitability (4), Insurance Calculation Engine (10), Insurance Data Foundation (3), Insurance Data Gateway (4), Insurance IFRS 17 Analyzer (2), Insurance IStream (1), Insurance Insbridge Rating (1), Insurance Insbridge Rating and Underwriting (5), Insurance Istream (1), Insurance Performance Insight (2), Insurance Policy Administration (15), Insurance Policy Administration J2EE (14), Insurance Rules Palette (16), Integrated Lights Out Manager (9), Integrated Lights Out Manager (ILOM) (4), Interaction Blending (1), Interaction Center Intelligence (2), Interactive Session Recorder (2), Internet Application Server (3), Internet Directory (10), Internet Expenses (4), JD Edwards (8), JD Edwards EnterpriseOne (8), JD Edwards EnterpriseOne EP (1), JD Edwards EnterpriseOne Orchestrator (13), JD Edwards EnterpriseOne Technology (1), JD Edwards EnterpriseOne Tools (93), JDEdwards Suite CRM (1), JDEdwards Suite Campus Solutions (1), JDEdwards Suite HCM (3), JDEdwards Suite SCM (1), JD Edwards World Security (11), JD Edwards World Technical Foundation (1), JDK (4), JDeveloper (26), JDeveloper and ADF (1), JInitiator (1), JRE (40), JRockit (23), Java (131), Java Advanced Management Console (6), Java Dynamic Management Kit (1), JavaFX (28), Java JDK (2), Java JRE (6), Java ME SDK (1), Java SE (559), Java SE Embedded (72), Java SE JRE (13), Java System Application Server (3), Java System Message Queue (1), Javadoc (1), Jinitiator (1), Knowledge (18), Knowledge Management (9), Labor Distribution (1), Landed Cost Management (1), Leads Management (1), Learning Management (1), Lease and Finance Management (1), Leasing (4), Legal Entity Configurator (1), Life Sciences Data Hub (2), Linux (2), Linux UEK (1), Listener (1), Lite Server (5), Load (2), Loans (1), Loyalty (4), M7 (1), M10-1 (2), M10-4 (5), M10-4S (2), M10-4S Servers (3), M12-1 (2), M12-2 (2), M12-2S (2), M3000 (1), M4000 (6), M5000 (6), M8000 (6), M9000 (5), M9000 Servers (1), MES for Process Manufacturing (1), MICROS 700 Series Tablet (2), MICROS BellaVita (1), MICROS Compact Workstation 3 (1), MICROS ES400 Series (1), MICROS Handheld Terminal (4), MICROS Kitchen Display Controller (1), MICROS Kitchen Display System Hardware (1), MICROS Lucas (6), MICROS PC Workstation 2015 (3), MICROS Relate CRM Software (10), MICROS Retail-J (7), MICROS Retail XBRi Loss Prevention (9), MICROS Workstation 5A (1), MICROS Workstation 6 (5), MICROS Workstation 650 (2), MICROS XBR (3), MICROS XBRi (1), MICROS Xstore Payment (1), M Series Servers (1), Managed File Transfer (12), Management (9), Management Cloud Engine (2), Management Pack for GoldenGate (4), Marketing (39), Marketing Encyclopedia System (1), Messaging Server (1), Middleware Common Libraries and Tools (2), Mobile Field Service (3), Mobile Security Suite (2), Mojarra (3), MySQL (16), MySQL Client (13), MySQL Cluster (76), MySQL Connector (1), MySQLConnector NET (1), MySQL Connectors (32), MySQL Enterprise Backup (4), MySQL Enterprise Monitor (61), MySQL Server (1051), MySQL Utilities (1), MySQL Workbench (26), NetBeans (1), NetSuite (2), Netra Sparc T3-1b (2), NoSQL Database (6), OPMN daemon (1), OPatch (1), OSS Support Tools (20), OSS Support Tools Explorer (1), One-Hour Install Web Server (1), One-to-One Fulfillment (25), Online Mediation Controller (2), OpenGrok (1), OpenJDK (2), Open JDK (1), OpenOffice (1), OpenSSO (14), OpenSSO Enterprise (3), OpenSolaris (24), Operational Analytics (2), Operations Intelligence (1), Optimization (2), Oracle8i (1), Oracle9i (9), Oracle9iAS (2), Oracle9iAS Web Cache (1), Oracle9iAS Web Server (1), Oracle9i Application Server (2), Oracle10g (5), Oracle Application Server (1), Oracle Applications Technology Stack component (1), Oracle Database (1), Oracle Endeca Server (2), Oracle JRockit (1), Oracle Portal component (3), Oracle Switch (1), Oracle WebCenter Content (1), Oracle iPlanet Web Server (1), Order Management (1), Outside In Technology (198), Overhaul (1), Partner Management (10), Passlogix V-go Self-service Password Reset And Oem (1), Payables (2), Payment Interface (2), Payroll (1), PeopleSoft (44), PeopleSoft Enterprise (53), PeopleSoft Enterprise CC Common Application Objects (3), PeopleSoft Enterprise CRM (2), PeopleSoft Enterprise CS Academic Advisement (2), PeopleSoft Enterprise CS Campus Community (6), PeopleSoft Enterprise CS Financial Aid (1), PeopleSoft Enterprise CS SA Integration Pack (2), PeopleSoft Enterprise CS Student Records (1), PeopleSoft Enterprise ELM (1), PeopleSoft Enterprise ELM Enterprise Learning Management (1), PeopleSoft Enterprise ELS (1), PeopleSoft Enterprise ELS Enterprise Learning Management (1), PeopleSoft Enterprise FCSM (1), PeopleSoft Enterprise FIN Cash Management (1), PeopleSoft Enterprise FIN Common Application Objects (1), PeopleSoft Enterprise FIN Expenses (4), PeopleSoft Enterprise FIN Install (3), PeopleSoft Enterprise FIN Payables (1), PeopleSoft Enterprise FIN Project Costing (1), PeopleSoft Enterprise FIN Receivables (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Argentina (1), PeopleSoft Enterprise FIN Supply Chain Portal Pack Brazil (1), PeopleSoft Enterprise FMS (1), PeopleSoft Enterprise FSCM (11), PeopleSoft Enterprise HCM (17), PeopleSoft Enterprise HCM Absence Management (1), PeopleSoft Enterprise HCM Candidate Gateway (1), PeopleSoft Enterprise HCM Global Payroll Core (1), PeopleSoft Enterprise HCM Global Payroll Switzerland (1), PeopleSoft Enterprise HCM Human Resources (8), PeopleSoft Enterprise HCM Shared Components (2), PeopleSoft Enterprise HCM Talent Acquisition Manager (1), PeopleSoft Enterprise HCM Talent Acquistion Managment (1), PeopleSoft Enterprise HCM ePerformance (1), PeopleSoft Enterprise HCM eProfile Manager Desktop (1), PeopleSoft Enterprise HRMS (24), PeopleSoft Enterprise HRMS Human Resources (1), PeopleSoft Enterprise HRMS eCompensation (1), PeopleSoft Enterprise Interaction Hub (1), PeopleSoft Enterprise PRTL Interaction Hub (16), PeopleSoft Enterprise PT PeopleTools (20), PeopleSoft Enterprise PeopleTools (312), PeopleSoft Enterprise Portal (3), PeopleSoft Enterprise Portal Interaction Hub (1), PeopleSoft Enterprise SCM (5), PeopleSoft Enterprise SCM Purchasing (6), PeopleSoft Enterprise SCM Service Procurement (1), PeopleSoft Enterprise SCM Services Procurement (2), PeopleSoft Enterprise SCM Strategic Sourcing (2), PeopleSoft Enterprise SCM eBill Payment (1), PeopleSoft Enterprise SCM eProcurement (6), PeopleSoft Enterprise SCM eSupplier Connection (2), PeopleSoft HCM ePerformance (1), PeopleSoft HRMS (3), PeopleSoft PeopleTools (12), PeopleSoft PeopleTools component (6), PeopleSoft Products (12), Peoplesoft And Jdedwards Product Suite (40), Peoplesoft Enterprise Customer Relationship Management (2), Peoplesoft_enterprise (1), Performance Management (1), Pharmaceutical (1), Pillar Axiom (1), Platform Security for Java (3), Policy Automation (9), Policy Automation Connector for Siebel (6), Policy Automation for Mobile Devices (5), Portal (3), Primavera Analytics (2), Primavera Contract Management (3), Primavera Data Warehouse (1), Primavera Gateway (34), Primavera P6 Enterprise Project Portfolio Manageme (1), Primavera P6 Enterprise Project Portfolio Management (59), Primavera P6 Professional Project Management (2), Primavera Portfolio Management (13), Primavera Product Suite (1), Primavera Unifier (59), Product Hub (1), Product Lifecycle Analytics (2), Products (1), Project Contracts (1), Project Costing (1), Projects (1), Provisioning (8), Public Sector Financials International (1), Purchasing (1), Quoting (2), REST Data Services (11), Rapid Planning (17), Real-Time Decision Server (7), Real-Time Decisions (RTD) Solutions (2), Real-Time Scheduler (3), Real User Experience Insight (5), Receivables (1), Remote Data Capture (1), Repair (1), Report Manager component (1), Reports (4), Reports Developer (5), Retail (10), Retail Advanced Inventory Planning (9), Retail Advanced Science Engine (1), Retail Allocation (6), Retail Analytic Parameter Calculator - RO (2), Retail Analytics (2), Retail Assortment Planning (20), Retail Back Office (23), Retail Bulk Data Integration (9), Retail Category Management (1), Retail Category Management Planning (1), Retail Category Management Planning & Optimization (1), Retail Central (1), Retail Central Office (22), Retail Clearance Optimization Engine (10), Retail Convenience (7), Retail Convenience Store Back Office (1), Retail Customer Engagement (3), Retail Customer Insights (8), Retail Customer Management (18), Retail Customer Management and Segmentation Foundation (18), Retail Data Extractor for Merchandising (3), Retail Demand Forecasting (1), Retail EFTLink (8), Retail Extract Transform (2), Retail Extract Transform and Load (4), Retail Financial Integration (17), Retail Fiscal Management (2), Retail Fusion Platform (1), Retail Insights (2), Retail Insights Cloud Service Suite (1), Retail Integration Bus (34), Retail Invoice Matching (16), Retail Item Planning (3), Retail MICROS ARS POS (1), Retail MICROS C2 (1), Retail Macro Space Optimization (3), Retail Markdown Optimization (5), Retail Merchandise Financial Planning (3), Retail Merchandising Insights (2), Retail Merchandising System (21), Retail Open Commerce Platform (10), Retail Order Broker (43), Retail Order Broker Cloud Service (1), Retail Order Management System (5), Retail Order Management System Cloud Service (1), Retail Point-of-Sale (1), Retail Point-of-Service (17), Retail Predictive Application Server (23), Retail Price Management (6), Retail Regular Price Optimization (3), Retail Replenishment Optimization (3), Retail Returns Management (20), Retail Returns Management: (1), Retail Sales Audit (7), Retail Service Backbone (27), Retail Service Layer (1), Retail Size Profile Optimization (4), Retail Store Inventory (1), Retail Store Inventory Management (14), Retail Warehouse Management System (2), Retail Workforce Management (2), Retail Workforce Management Software (2), Retail XBRi Loss Prevention (1), Retail Xstore Office (4), Retail Xstore Office Cloud Service (1), Retail Xstore Payment (4), Retail Xstore Point of Service (57), Returns Management (1), Revenue Management (6), Right Now Service Cloud (1), S7 (1), SD-WAN Aware (4), SD-WAN Edge (10), SDK (2), SE (1), SOA Suite (10), SPARC Enterprise M3000 (6), SPARC Enterprise M4000 (1), SPARC Enterprise M5000 (1), SPARC Enterprise M8000 (1), SPARC Enterprise M9000 (1), SPARC Enterprise M Series Servers (3), SPARC Enterprise M Server (1), SPARC Enterprise Server (5), SPARC Enterprise T (1), SPARC Enterprise T4 Servers (1), SPARC T-Series Servers (1), SPARC T3 (1), SQL Developer (3), SQL Trace Analyzer (1), SYNEL (1), Sales Offline (3), Scripting (5), Secure Backup (32), Secure Enterprise Search (1), Secure Global Desktop (67), Security Service (11), Segmentation Foundation (24), Server (1), Service Architecture Leveraging Tuxedo (1), Service Bus (6), Service Contracts (2), Service Fulfillment Manager (1), Service Intelligence (1), Service Management (4), Services Tools Bundle (2), Shipping Execution (1), Siebel (16), Siebel Apps (3), Siebel Apps - Marketing (4), Siebel CRM (62), Siebel CRM Desktop (2), Siebel CTMS (1), Siebel Call Center (1), Siebel Clinical (3), Siebel Core (12), Siebel Core - Automation (1), Siebel Core - Common Components (1), Siebel Core - DB Deployment (1), Siebel Core - EAI (1), Siebel Core - Server BizLogic Script (1), Siebel Core - Server Framework (3), Siebel Core CRM (1), Siebel Engineering (2), Siebel Engineering - Installer (3), Siebel Engineering Installer (1), Siebel Enterprise (1), Siebel Enterprise Application Integration (4), Siebel Enterprise Suite (1), Siebel Life Sciences (2), Siebel Mobile App (1), Siebel Mobile Applications (1), Siebel Option Pack Ie Activex Control (1), Siebel Public Sector (1), Siebel Suite (4), Siebel Travel (1), Siebel UI Framework (44), Site Hub (1), Social Network (1), Solaris (370), Solaris Cluster (22), Solaris Studio (1), Sourcing (2), Sparc Enterprise M4000 Server (1), Spatial Studio (3), Storage Cloud Software Appliance (2), StorageTek ACSLS (6), StorageTek Tape Analytics (2), StorageTek Tape Analytics SW Tool (12), Subledger Accounting (1), Subsetting (1), Sun Blade 6000 (1), Sun Blade 6000 Ethernet Switched NEM 24P 10GE (2), Sun Convergence (2), Sun Data Center InfiniBand Switch 36 (2), Sun Fire X4270 (2), Sun Java System Access Manager Policy Agent (1), Sun Java System Web Proxy Server (1), SunMC (1), Sun Microsystems SunScreen Firewall (1), Sun Network 10GBE Switch (1), Sun Network 10GE Switch 72p (2), Sun Network QDR InfiniBand Gateway Switch (2), Sun Product Suite (1), Sun Products Suite (30), Sun Ray Operating Software (1), Sun Ray Software (3), Sun Storage Common Array Manager (2), Sun Systems Products Suite (4), Sun ZFS Storage Appliance Kit (18), Sun ZFS Storage Appliance Kit (AK) (12), Sun ZFS Storage Appliance Kit AK (4), SuperCluster Specific Software (2), Supply Chain (24), Supply Chain Products Suite (17), Support Tools (1), Switch ES1-24 (2), System Utilities (1), T4 (1), T7 (1), Talent Acquisition Cloud (1), Taleo Platform (1), Tape Library ACSLS (9), Tape Virtual Storage Manager GUI (1), Tekelec HLR Router (1), Tekelec Platform Distribution (5), Tekelec Virtual Operating Environment (1), Territory Management (1), Thesaurus Management System (1), Time and Labor (4), Times Ten Client Server (2), TimesTen In-Memory Database (12), Times Ten In Memory Database (1), Timesten In-memory Database (1), TopLink (1), Trace File Analyzer (1), Trade Management (24), Traffic Director (5), Transfer Pricing Component (1), Transportation (1), Transportation Execution (1), Transportation Management (55), Transportation Manager (1), Tuxedo (11), Tuxedo System (3), Underwriting (1), Unified (2), Unified Directory (2), Universal Work Queue (8), User Management (1), Utilities Advanced Spatial (2), Utilities Customer Self Service (1), Utilities Framework (32), Utilities Mobile Workforce Management (2), Utilities Network Management System (6), Utilities Testing Accelerator (9), Utilities Work (4), VM (4), VM Server (2), VM Server for SPARC (2), VM VirtualBox (325), VirtualBox (1), Virtual Desktop Infrastructure (5), Virtual Directory (3), Virtualization (1), Virtualization VirtualBox (1), Waveset (1), Web Analytics (2), Web Applications Desktop Integrator (5), Web Cache (5), WebCenter Capture (1), WebCenter Content (15), WebCenter Interaction (8), WebCenter Interaction Portal (1), WebCenter Portal (49), WebCenter Sites (57), WebDB (2), Web Listener (2), WebLogic (2), WebLogic Portal (3), WebLogic Server (257), WebLogic Server Proxy Plug-In (2), WebLogic Workshop (1), Web Server (1), Web Services (3), Web Services Manager (2), Weblogic Server Component (1), Webloic Server Component (2), Webserver (1), Workflow (4), Work in Process (2), X86 Servers (1), XML Gateway (1), ZFS Storage Appliance Kit (11), ZFS Storage Application Integration Engineering Software (1), forms (1), htmldb (2), iLearning (16), iPlanet Web Proxy Server (6), iPlanet Web Server (10), iSetup (1), iStore (36), iSupplier Portal (3), iSupport (19), jdeveloper (1), mod_auth_oracle Module (1), sqldemos (1)

Link to Vendor Website: https://www.oracle.com

PublishedBaseTempVulnerabilityProdExpRemCTICVE
06/18/20223.83.8Oracle Cloud Services information disclosureCloud SoftwareNot DefinedNot Defined0.28CVE-2022-21503
06/15/20226.76.5Oracle Linux UEK File Descriptor access controlUnknownNot DefinedOfficial Fix0.07CVE-2022-21504
05/20/20226.46.3Oracle E-Business Suite Manage Proxies improper authenticationSupply Chain Management SoftwareNot DefinedOfficial Fix0.06CVE-2022-21500
04/20/20226.26.0Oracle PeopleSoft/PeopleSoft Enterprise PeopleTools Navigation Pages/Portal/Query Remote Code ExecutionEnterprise Resource Planning SoftwareNot DefinedOfficial Fix0.03CVE-2022-21456
04/19/20223.83.7Oracle VM VirtualBox Core unknown vulnerabilityVirtualization SoftwareNot DefinedOfficial Fix0.07CVE-2022-21488
04/19/20223.83.7Oracle VM VirtualBox Core information disclosureVirtualization SoftwareNot DefinedOfficial Fix0.00CVE-2022-21487
04/19/20226.56.3Oracle VM VirtualBox Core denial of serviceVirtualization SoftwareNot DefinedOfficial Fix0.03CVE-2022-21471
04/19/20226.76.5Oracle VM VirtualBox Core unknown vulnerabilityVirtualization SoftwareNot DefinedOfficial Fix0.09CVE-2022-21465
04/19/20227.87.6Oracle VM VirtualBox Core Local Privilege EscalationVirtualization SoftwareNot DefinedOfficial Fix0.03CVE-2022-21491
04/19/20229.08.8Oracle Secure Global Desktop Web Server server-side request forgeryConnectivity SoftwareNot DefinedOfficial Fix0.07CVE-2021-40438
04/19/20226.66.4Oracle Utilities Framework General input validationUnknownNot DefinedOfficial Fix0.11CVE-2021-44832
04/19/20226.66.4Oracle Taleo Platform Taleo Connect Client Installer input validationUnknownNot DefinedOfficial Fix0.03CVE-2021-44832
04/19/20223.73.6Oracle StorageTek ACSLS Software information disclosureUnknownNot DefinedOfficial Fix0.08CVE-2020-9488
04/19/20223.73.6Oracle Ethernet Switch TOR-72 Firmware information disclosureNetwork Encryption SoftwareNot DefinedOfficial Fix0.03CVE-2020-1968
04/19/20223.73.6Oracle Ethernet Switch ES1-24 Firmware information disclosureUnknownNot DefinedOfficial Fix0.04CVE-2020-1968
04/19/20224.03.9Oracle Solaris Kernel denial of serviceOperating SystemNot DefinedOfficial Fix0.11CVE-2022-21494
04/19/20224.84.7Oracle Solaris Cluster Tools path traversalOperating SystemNot DefinedOfficial Fix0.05CVE-2021-29425
04/19/20225.04.9Oracle Solaris Utility unknown vulnerabilityOperating SystemNot DefinedOfficial Fix0.04CVE-2022-21416
04/19/20225.55.4Oracle Solaris Kernel denial of serviceOperating SystemNot DefinedOfficial Fix0.04CVE-2022-21463
04/19/20225.55.4Oracle Solaris Kernel information disclosureOperating SystemNot DefinedOfficial Fix0.03CVE-2022-21461
04/19/20225.95.8Oracle Solaris Kernel denial of serviceOperating SystemNot DefinedOfficial Fix0.03CVE-2022-21493
04/19/20226.46.3Oracle StorageTek ACSLS Software cross site scriptingUnknownNot DefinedOfficial Fix0.04CVE-2020-11022
04/19/20226.56.4Oracle StorageTek ACSLS Software information disclosureUnknownNot DefinedOfficial Fix0.04CVE-2019-3740
04/19/20227.27.1Oracle StorageTek ACSLS Software unknown vulnerabilityUnknownNot DefinedOfficial Fix0.08CVE-2020-5421
04/19/20226.56.3Oracle Solaris Cluster Tools information disclosureOperating SystemNot DefinedOfficial Fix0.00CVE-2020-6950
04/19/20227.57.3Oracle StorageTek Tape Analytics Core temp fileUnknownNot DefinedOfficial Fix0.00CVE-2020-11979
04/19/20227.57.3Oracle StorageTek ACSLS Software temp fileUnknownNot DefinedOfficial Fix0.00CVE-2020-11979
04/19/20228.28.0Oracle Solaris Utility unknown vulnerabilityOperating SystemNot DefinedOfficial Fix0.06CVE-2022-21446
04/19/20228.07.9Oracle StorageTek Tape Analytics Application Server Remote Code ExecutionUnknownNot DefinedOfficial Fix0.03CVE-2021-2351
04/19/20228.07.9Oracle StorageTek ACSLS Software Remote Code ExecutionUnknownNot DefinedOfficial Fix0.03CVE-2021-2351
04/19/20229.89.6Oracle ZFS Storage Appliance Kit Operating System Image out-of-bounds writeUnknownNot DefinedOfficial Fix0.09CVE-2021-39275
04/19/20229.89.6Oracle Solaris Cluster Tools exceptional conditionOperating SystemNot DefinedOfficial Fix0.03CVE-2019-17195
04/19/20225.55.4Oracle OSS Support Tools Explorer information disclosureUnknownNot DefinedOfficial Fix0.00CVE-2022-21405
04/19/20226.56.3Oracle OSS Support Tools Diagnostic Assistant denial of serviceUnknownNot DefinedOfficial Fix0.03CVE-2021-41973
04/19/20226.56.3Oracle OSS Support Tools Diagnostic Assistant denial of serviceUnknownNot DefinedOfficial Fix0.04CVE-2021-30129
04/19/20224.84.7Oracle Agile PLM Security path traversalProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.05CVE-2021-29425
04/19/20226.36.3Oracle Agile PLM Security cross site scriptingProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.03CVE-2021-41165
04/19/20226.15.9Oracle Transportation Management User Interface unknown vulnerabilityTransport Management SoftwareNot DefinedOfficial Fix0.10CVE-2022-21480
04/19/20226.56.3Oracle Agile PLM Attachments information disclosureProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.06CVE-2022-21467
04/19/20226.66.4Oracle Autovue for Agile Product Lifecycle Management Internal Operations input validationUnknownNot DefinedOfficial Fix0.24CVE-2021-44832
04/19/20226.66.4Oracle Agile PLM MCAD Connector CAX Client input validationProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.04CVE-2021-44832
04/19/20226.66.4Oracle Agile PLM Security input validationProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.12CVE-2021-44832
04/19/20226.66.4Oracle Agile Engineering Data Management Installation Issues input validationUnknownNot DefinedOfficial Fix0.10CVE-2021-44832
04/19/20227.57.3Oracle Agile PLM Security denial of serviceProduct Lifecycle Management SoftwareNot DefinedOfficial Fix0.05CVE-2021-42340
04/19/20229.89.6Oracle Product Lifecycle Analytics Installer code injectionUnknownNot DefinedOfficial Fix0.05CVE-2022-22965
04/19/20229.89.6Oracle Advanced Supply Chain Planning MscObieeSrvlt sql injectionSupply Chain Management SoftwareNot DefinedOfficial Fix0.03CVE-2022-23305
04/19/20225.35.2Oracle Retail EFTLink Framework information disclosureUnknownNot DefinedOfficial Fix0.04CVE-2021-34429
04/19/20225.55.4Oracle Retail Xstore Point of Service Xstore Office denial of serviceWarehouse Management System SoftwareNot DefinedOfficial Fix0.04CVE-2021-31812
04/19/20225.55.4Oracle Retail Xstore Point of Service Xenvironment denial of serviceWarehouse Management System SoftwareNot DefinedOfficial Fix0.07CVE-2021-36374
04/19/20225.55.4Oracle Retail Invoice Matching Security denial of serviceUnknownNot DefinedOfficial Fix0.04CVE-2021-36374

11764 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!