Oracle Security Vulnerabilities (CVEs)
Track 633 security vulnerabilities affecting Oracle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A local privilege escalation vulnerability in Oracle Solaris 11 filesystem component allows high-privileged attackers with system access to cause deni...
Oct 21, 2025This vulnerability in Oracle Applications Framework allows authenticated attackers with low privileges to modify data through the Upload Attachments c...
Oct 21, 2025This critical vulnerability in Oracle Marketing allows unauthenticated attackers with network access via HTTP to completely compromise the Oracle Mark...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows unauthenticated attackers with network access via HTTP to compromise the system....
Oct 21, 2025This vulnerability in Oracle Java's JAXP component allows unauthenticated attackers to access sensitive data via network protocols. It affects multipl...
Oct 21, 2025A local privilege escalation vulnerability in Oracle Solaris 11 kernel allows authenticated low-privileged users to cause a complete denial-of-service...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows authenticated high-privilege attackers to modify or read sensitive data via HTTP...
Oct 21, 2025This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers to cause a denial of service by crashing or hangi...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows authenticated attackers with low privileges to perform unauthorized data manipul...
Oct 21, 2025This vulnerability in Oracle Applications Framework allows authenticated attackers with low privileges to modify data through HTTP requests. It affect...
Oct 21, 2025This vulnerability in Oracle Java SE and GraalVM allows an unauthenticated attacker with network access to potentially modify critical data through di...
Oct 21, 2025An unauthenticated vulnerability in Oracle Applications Manager allows attackers to modify or read limited data by tricking users into interacting wit...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows high-privileged attackers with network access via HTTP to gain unauthorized acce...
Oct 21, 2025An unauthenticated attacker can exploit this vulnerability in Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC component via HTTP to modify or re...
Oct 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to compromise the system. It...
Oct 21, 2025An unauthenticated attacker can exploit this vulnerability in Oracle Workflow Notification Mailer via HTTP to modify or read data. The attack requires...
Oct 21, 2025This vulnerability in MySQL Server's DML component allows authenticated high-privilege attackers to cause denial of service (server hang/crash) or mod...
Oct 21, 2025A vulnerability in MySQL Server's InnoDB component allows high-privileged attackers with network access to cause denial of service (server hangs or cr...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows unauthenticated attackers with network access via HTTP to compromise the system....
Oct 21, 2025This vulnerability allows unauthenticated attackers with network access via Bonjour to read sensitive data from Oracle Database Server's Portable Clus...
Oct 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows authenticated attackers with low privileges to manipulate data via the Rich Text...
Oct 21, 2025This vulnerability in Oracle Business Intelligence Enterprise Edition allows high-privileged attackers with network access to compromise the system vi...
Oct 21, 2025An unauthenticated attacker can exploit this vulnerability in Oracle iStore via HTTP to modify or read limited data, requiring interaction from anothe...
Oct 21, 2025This vulnerability in Oracle MySQL Server's optimizer component allows high-privileged attackers with network access to cause denial of service by cra...
Oct 21, 2025This vulnerability in Oracle Product Hub allows authenticated attackers with low privileges to perform unauthorized data manipulation and access via H...
Oct 21, 2025This vulnerability allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hanging MySQL Server. It aff...
Oct 21, 2025This vulnerability allows high-privileged attackers with network access via HTTP to cause a denial of service (DoS) on Oracle ZFS Storage Appliance Ki...
Oct 21, 2025This vulnerability allows high-privileged attackers with network access via HTTP to access sensitive data in Oracle Financial Services Revenue Managem...
Oct 21, 2025This vulnerability in Oracle Financial Services Revenue Management and Billing allows authenticated attackers with low privileges to access sensitive ...
Oct 21, 2025This vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows authenticated attackers with low privileges to access se...
Oct 21, 2025This vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers with network access via HTTP t...
Oct 21, 2025An unauthenticated remote code execution vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows attackers to complet...
Oct 21, 2025This is a path traversal vulnerability (CWE-22) in Oracle Configurator within Oracle E-Business Suite that allows unauthenticated attackers to access ...
Oct 12, 2025This critical vulnerability in Oracle E-Business Suite's Concurrent Processing component allows unauthenticated attackers to remotely execute arbitrar...
Oct 5, 2025OpenGrok 1.14.1 has a reflected cross-site scripting vulnerability in the cross reference page due to improper sanitization of the revision parameter....
Sep 19, 2025This vulnerability in Oracle VM VirtualBox 7.1.10 allows a high-privileged attacker with local access to the host system to access sensitive data from...
Jul 15, 2025This vulnerability in Oracle MySQL Server's optimizer component allows authenticated high-privileged attackers to cause a denial of service (DoS) by c...
Jul 15, 2025This vulnerability in MySQL Server's replication component allows authenticated high-privileged attackers to cause a denial of service (DoS) by crashi...
Jul 15, 2025This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to the host system to completely compromise the Virtual...
Jul 15, 2025This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to the host system to access sensitive data from the vi...
Jul 15, 2025A local privilege escalation vulnerability in Oracle VM VirtualBox 7.1.10 allows attackers with high privileges on the host system to compromise the V...
Jul 15, 2025This vulnerability in Oracle Universal Work Queue allows unauthenticated attackers with network access via HTTP to compromise the system. It affects O...
Jul 15, 2025This vulnerability in MySQL Server's InnoDB component allows authenticated high-privilege attackers to cause denial of service by crashing or hanging ...
Jul 15, 2025A vulnerability in MySQL Server's optimizer component allows authenticated high-privilege attackers to cause denial of service by crashing or hanging ...
Jul 15, 2025A vulnerability in MySQL Server's LDAP authentication component allows high-privileged attackers with network access to cause denial of service by cra...
Jul 15, 2025This vulnerability in Oracle Universal Work Queue allows authenticated attackers with low privileges to perform unauthorized data manipulation (create...
Jul 15, 2025This vulnerability in Oracle Applications Framework allows authenticated attackers with low privileges to perform unauthorized data manipulation and l...
Jul 15, 2025This vulnerability in MySQL Server's InnoDB component allows high-privileged attackers with network access to cause denial of service by crashing or h...
Jul 15, 2025This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to cause denial of service by crashing or hanging the s...
Jul 15, 2025This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers with local access to cause a denial of service (D...
Jul 15, 2025Why Monitor Oracle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 633+ known vulnerabilities affecting Oracle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oracle packages in under 60 seconds. No agents required - completely agentless scanning that works across Oracle deployments.
Free vulnerability database: Access detailed information about every Oracle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oracle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
