Oracle Security Vulnerabilities (CVEs)
Track 641 security vulnerabilities affecting Oracle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A vulnerability in MySQL Server's optimizer component allows high-privileged attackers with network access to cause denial of service by crashing or h...
Jul 15, 2025This vulnerability in Oracle MySQL Server's Components Services allows high-privileged attackers with network access to cause denial of service by cra...
Jul 15, 2025This vulnerability in Oracle MySQL's InnoDB component allows authenticated high-privileged attackers to cause a denial of service (DoS) by crashing or...
Jul 15, 2025This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via HTTP to compromise the server. It requires human...
Jul 15, 2025This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers to cause denial of service by crashing or hanging...
Jul 15, 2025This vulnerability in MySQL Server's optimizer component allows authenticated high-privilege attackers to cause denial of service by crashing or hangi...
Jul 15, 2025This vulnerability in MySQL Server's optimizer component allows authenticated attackers with low privileges to cause denial of service by crashing or ...
Jul 15, 2025This vulnerability in Oracle Database Server's Java VM component allows attackers with low privileges (Create Session, Create Procedure) and network a...
Jul 15, 2025This vulnerability in Oracle Applications Framework allows authenticated attackers with low privileges to perform unauthorized data manipulation (inse...
Jul 15, 2025This vulnerability in Oracle Application Express allows low-privileged attackers with network access to compromise the system via HTTP, requiring huma...
Jul 15, 2025This vulnerability in Oracle Java SE and GraalVM networking components allows unauthenticated attackers with network access to bypass Java sandbox sec...
Jul 15, 2025This vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management allows authenticated attackers with low privileges to perform unauth...
Jul 15, 2025This vulnerability in Oracle PeopleSoft Enterprise HCM Global Payroll Core allows authenticated attackers with low privileges to access and modify sen...
Jul 15, 2025This vulnerability in Oracle WebLogic Server allows authenticated high-privileged attackers to modify or read limited data through HTTP requests requi...
Jul 15, 2025CVE-2025-30756 is a cross-site request forgery (CSRF) vulnerability in Oracle REST Data Services 24.2.0 that allows unauthenticated attackers to manip...
Jul 15, 2025This vulnerability in Oracle Business Intelligence Enterprise Edition allows unauthenticated attackers with network access via HTTP to compromise the ...
Jul 15, 2025This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to access sensitive data. I...
Jul 15, 2025This vulnerability in Oracle Java's 2D component allows an unauthenticated attacker with network access to potentially compromise Java SE, GraalVM for...
Jul 15, 2025This vulnerability in Oracle Database allows attackers with low privileges (Create Session and Create Procedure) to gain complete control over the dat...
Jul 15, 2025This vulnerability in Oracle WebLogic Server allows authenticated attackers with low privileges to cause a denial of service (DoS) by crashing or hang...
Jul 15, 2025This vulnerability in Oracle CRM Technical Foundation allows high-privileged attackers with network access via HTTP to perform unauthorized data manip...
Jul 15, 2025This vulnerability in Oracle Lease and Finance Management allows authenticated attackers with network access to manipulate critical data or access sen...
Jul 15, 2025This vulnerability in Oracle MES for Process Manufacturing allows unauthenticated attackers to manipulate or view sensitive manufacturing data by tric...
Jul 15, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows unauthenticated attackers to read sensitive data by tricking users into clicking...
Jul 15, 2025This vulnerability in systemd-coredump allows attackers to exploit a race condition to access privileged process coredumps. By forcing a SUID process ...
May 30, 2025OpenGrok 1.13.25 contains a reflected Cross-Site Scripting (XSS) vulnerability in its history view page due to improper sanitization of path segments....
May 2, 2025An unauthenticated attacker can exploit this vulnerability in Oracle Application Object Library via HTTP to modify or read limited data, requiring use...
Apr 15, 2025This vulnerability in Oracle PeopleSoft Enterprise CC Common Application Objects allows authenticated attackers with low privileges to perform unautho...
Apr 15, 2025This vulnerability in Oracle Smart View for Office allows high-privileged attackers with network access to manipulate or access sensitive data when th...
Apr 15, 2025An unauthenticated vulnerability in Oracle BI Publisher's XML Services allows remote attackers to access sensitive data via HTTP. This affects Oracle ...
Apr 15, 2025This vulnerability in Oracle Application Object Library allows unauthenticated attackers with network access via HTTP to read sensitive data from Orac...
Apr 15, 2025This critical vulnerability in Oracle E-Business Suite's iSurvey Module allows unauthenticated attackers to remotely execute arbitrary code and comple...
Apr 15, 2025This vulnerability in Oracle Communications Order and Service Management allows authenticated attackers with low privileges to manipulate data, read r...
Apr 15, 2025This vulnerability allows unauthenticated attackers to cause a denial of service (DoS) in Oracle Application Object Library by sending specially craft...
Apr 15, 2025This vulnerability in Oracle E-Business Suite's CRM User Management Framework allows unauthenticated attackers to remotely access sensitive data via H...
Apr 15, 2025This vulnerability in Oracle E-Business Suite's Applications Framework allows authenticated attackers with low privileges to upload malicious files vi...
Apr 15, 2025This vulnerability in Oracle Configurator allows unauthenticated attackers with network access via HTTP to compromise the system. It requires human in...
Apr 15, 2025A vulnerability in Oracle MySQL's mysqldump client allows low-privileged attackers with network access to potentially access or modify sensitive data....
Apr 15, 2025This vulnerability in Oracle MySQL Connector/J allows attackers with low privileges and network access to potentially take over the connector software...
Apr 15, 2025This vulnerability in Oracle E-Business Suite's User Management component allows unauthenticated attackers to access sensitive user data via HTTP. It ...
Apr 15, 2025This vulnerability in Oracle MySQL Cluster allows high-privileged attackers with network access to cause denial of service by crashing or hanging the ...
Apr 15, 2025This vulnerability in Oracle VM VirtualBox 7.1.6 allows a high-privileged attacker with local access to compromise the virtualization software, potent...
Apr 15, 2025This vulnerability in Oracle MySQL Connector/Python allows low-privileged attackers with network access to potentially access sensitive data through s...
Apr 15, 2025This vulnerability in Oracle Java SE and GraalVM's 2D component allows an unauthenticated attacker with network access to potentially compromise Java ...
Apr 15, 2025This vulnerability in Oracle Database's RAS Security component allows authenticated attackers with network access to compromise data confidentiality a...
Apr 15, 2025A vulnerability in Oracle MySQL Server's Components Services allows high-privileged attackers with network access to cause a denial of service by cras...
Apr 15, 2025This vulnerability in MySQL Server's optimizer component allows authenticated attackers with low privileges to cause a denial of service by crashing o...
Apr 15, 2025This vulnerability in Oracle Solaris 11's filesystem component allows a high-privileged attacker with local access to potentially take over the system...
Apr 15, 2025This vulnerability in Oracle iSupplier Portal allows authenticated attackers with low privileges to access sensitive data via HTTP. It affects Oracle ...
Apr 15, 2025This vulnerability in Oracle Database's XML Database component allows authenticated attackers with network access via HTTP to perform unauthorized dat...
Apr 15, 2025Why Monitor Oracle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 641+ known vulnerabilities affecting Oracle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oracle packages in under 60 seconds. No agents required - completely agentless scanning that works across Oracle deployments.
Free vulnerability database: Access detailed information about every Oracle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oracle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
