Oracle Security Vulnerabilities (CVEs)
Track 697 security vulnerabilities affecting Oracle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in Oracle VM VirtualBox allows a low-privileged local attacker to compromise the virtualization software, potentially gaining unaut...
Apr 22, 2021This vulnerability in Oracle Labor Distribution allows authenticated attackers with low privileges to perform unauthorized data manipulation and acces...
Apr 22, 2021This vulnerability in Oracle Advanced Pricing allows authenticated attackers with low privileges to manipulate critical pricing data via HTTP requests...
Apr 22, 2021This vulnerability in Oracle Work in Process allows authenticated attackers with low privileges to perform unauthorized data manipulation and access v...
Apr 22, 2021This vulnerability in Oracle Legal Entity Configurator allows authenticated attackers with low privileges to perform unauthorized data manipulation an...
Apr 22, 2021This vulnerability in Oracle iSetup allows authenticated attackers with low privileges to perform unauthorized data manipulation and access critical i...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows an unauthenticated attacker with network access via RDP to potentially take over the VirtualBox inst...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows an unauthenticated attacker with local access to the host system to compromise the VirtualBox instal...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows an unauthenticated attacker with local access to the host system to access sensitive data from the V...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows an unauthenticated attacker with local access to the host system to access sensitive data from the V...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows an unauthenticated attacker with local access to the host system to access sensitive data from the V...
Apr 22, 2021This vulnerability in Oracle Product Hub allows low-privileged attackers with network access via HTTP to compromise the system, leading to unauthorize...
Apr 22, 2021This vulnerability in Oracle Document Management and Collaboration allows authenticated attackers with low privileges to perform unauthorized data man...
Apr 22, 2021This vulnerability in Oracle E-Business Suite's Concurrent Processing component allows authenticated attackers with low privileges to access and manip...
Apr 22, 2021This vulnerability in Oracle Cash Management allows authenticated attackers with low privileges to perform unauthorized data manipulation and access v...
Apr 22, 2021This vulnerability in Oracle Depot Repair allows authenticated attackers with low privileges to perform unauthorized data manipulation and access via ...
Apr 22, 2021This vulnerability in Oracle E-Business Suite's Installed Base component allows authenticated attackers with network access via HTTP to perform unauth...
Apr 22, 2021This vulnerability in Oracle Enterprise Asset Management allows authenticated attackers with low privileges to perform unauthorized data manipulation ...
Apr 22, 2021This vulnerability in Oracle Transportation Execution allows authenticated attackers with low privileges to perform unauthorized data manipulation and...
Apr 22, 2021This vulnerability in Oracle General Ledger's Account Hierarchy Manager allows authenticated attackers with network access via HTTP to perform unautho...
Apr 22, 2021This vulnerability in Oracle Time and Labor allows authenticated attackers with low privileges to perform unauthorized data manipulation and access se...
Apr 22, 2021This vulnerability in Oracle iStore's Shopping Cart component allows authenticated attackers with low privileges to perform unauthorized data manipula...
Apr 22, 2021This critical vulnerability in Oracle Hyperion Analytic Provider Services and Essbase Analytic Provider Services allows unauthenticated remote attacke...
Apr 22, 2021This vulnerability in Oracle Universal Work Queue allows authenticated attackers with low privileges to perform unauthorized data manipulation and acc...
Apr 22, 2021An unauthenticated remote code execution vulnerability in Oracle Secure Global Desktop 5.6 allows attackers to completely compromise the server via ne...
Apr 22, 2021This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to the host system to completely compromise the Virtual...
Apr 22, 2021This vulnerability in Oracle Loans (part of Oracle E-Business Suite) allows authenticated attackers with low privileges to perform unauthorized data m...
Apr 22, 2021An unauthenticated remote attacker can exploit this vulnerability in Oracle Advanced Supply Chain Planning via HTTP to create, delete, or modify criti...
Apr 22, 2021This vulnerability in Oracle Service Contracts allows authenticated attackers with low privileges to perform unauthorized data manipulation and access...
Apr 22, 2021An unauthenticated remote code execution vulnerability in Oracle Storage Cloud Software Appliance allows attackers to completely compromise the system...
Apr 22, 2021This vulnerability in Oracle Projects (part of Oracle E-Business Suite) allows authenticated attackers with low privileges to perform unauthorized dat...
Apr 22, 2021This vulnerability in Oracle E-Business Suite's iRecruitment component allows authenticated attackers with low privileges to perform unauthorized data...
Apr 22, 2021This vulnerability in Oracle Partner Management allows unauthenticated attackers to access sensitive data and modify information via HTTP requests. It...
Apr 22, 2021This vulnerability in Oracle iStore allows unauthenticated attackers to access sensitive data and modify information via HTTP. It affects Oracle E-Bus...
Apr 22, 2021This vulnerability in Oracle iStore allows unauthenticated attackers to access sensitive data and modify some data via HTTP requests. It affects Oracl...
Apr 22, 2021This vulnerability in Oracle Applications Framework allows unauthenticated attackers to remotely compromise Oracle E-Business Suite via HTTP. Attacker...
Apr 22, 2021This vulnerability allows unauthenticated attackers to remotely compromise Oracle Marketing via HTTP, enabling unauthorized access to critical data an...
Apr 22, 2021This vulnerability in Oracle Email Center allows authenticated attackers with low privileges to access sensitive data and modify information via HTTP ...
Apr 22, 2021This vulnerability in Oracle PeopleSoft Enterprise PT PeopleTools allows unauthenticated attackers with network access via HTTP to compromise the syst...
Apr 22, 2021This critical vulnerability in Oracle Secure Global Desktop allows unauthenticated attackers with network access to potentially take over the system t...
Apr 22, 2021This vulnerability in Oracle Receivables allows authenticated attackers with low privileges to manipulate critical financial data via HTTP requests. I...
Apr 22, 2021This vulnerability in Oracle E-Business Intelligence allows authenticated attackers with low privileges to perform unauthorized data manipulation and ...
Apr 22, 2021This vulnerability in Oracle iStore allows unauthenticated attackers to access sensitive data and modify information via HTTP requests. It affects Ora...
Apr 22, 2021This vulnerability in Oracle Sales Offline allows unauthenticated attackers to cause a denial of service (DoS) by crashing or hanging the application ...
Apr 22, 2021This vulnerability in Eclipse Jetty allows denial-of-service attacks by causing 100% CPU usage when processing large invalid TLS frames. Attackers can...
Apr 1, 2021This vulnerability allows remote code execution in Genivia gSOAP's WS-Addressing plugin. Attackers can exploit it by sending a specially crafted SOAP ...
Mar 25, 2021This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects appl...
Mar 25, 2021CVE-2021-21341 is a denial-of-service vulnerability in XStream library where specially crafted XML input can cause 100% CPU consumption on target syst...
Mar 23, 2021CVE-2021-27364 is a Linux kernel vulnerability in the iSCSI subsystem that allows unprivileged local users to cause a denial of service or potentially...
Mar 7, 2021This CVE describes a double-free vulnerability in ssh-agent component of OpenSSH versions before 8.5. It could allow attackers to potentially execute ...
Mar 5, 2021Why Monitor Oracle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 697+ known vulnerabilities affecting Oracle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oracle packages in under 60 seconds. No agents required - completely agentless scanning that works across Oracle deployments.
Free vulnerability database: Access detailed information about every Oracle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oracle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
