Oracle Security Vulnerabilities (CVEs)
Track 654 security vulnerabilities affecting Oracle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in Oracle MySQL Server's Prepared Statements component allows high-privileged attackers with network access to cause a denial of se...
Apr 15, 2025A vulnerability in MySQL Server's optimizer component allows authenticated attackers with low privileges to cause denial of service by crashing or han...
Apr 15, 2025This vulnerability in MySQL Server's replication component allows high-privileged attackers with network access to cause a denial of service by crashi...
Apr 15, 2025This vulnerability in Oracle Hospitality Simphony allows authenticated attackers with low privileges to access sensitive data, modify information, and...
Apr 15, 2025This vulnerability in MySQL Server's optimizer component allows high-privileged attackers with network access to cause a denial of service (DoS) by cr...
Apr 15, 2025This vulnerability in Java Secure Socket Extension (JSSE) allows attackers to manipulate or access critical data in Java applications. It affects mult...
Apr 15, 2025This vulnerability in MySQL Server allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hanging the ...
Apr 15, 2025This vulnerability in MySQL Server's optimizer component allows high-privileged attackers with network access to cause a denial of service by crashing...
Apr 15, 2025This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hangi...
Apr 15, 2025This vulnerability in MySQL Server's InnoDB component allows authenticated attackers with low privileges to cause a denial of service (DoS) by crashin...
Apr 15, 2025This vulnerability in Oracle Financial Services Revenue Management and Billing's Chatbot component allows authenticated high-privilege attackers to ma...
Apr 15, 2025A vulnerability in MySQL Server's parser component allows low-privileged attackers with network access to cause denial of service by crashing or hangi...
Apr 15, 2025This vulnerability in Oracle Life Sciences Argus Safety 8.2.3 allows unauthenticated attackers with network access to compromise the system via HTTP. ...
Jan 21, 2025This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to compromise the virtualization software, potentially ...
Jan 21, 2025This vulnerability in Oracle PeopleSoft Enterprise CC Common Application Objects allows authenticated attackers with low privileges to read sensitive ...
Jan 21, 2025This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges to access sensitive data or cause denial of servic...
Jan 21, 2025An unauthenticated remote attacker can exploit this vulnerability in Oracle Agile PLM Framework to access sensitive data without authorization. This a...
Jan 21, 2025This vulnerability in Oracle MySQL Server's optimizer component allows attackers with low-privileged network access to cause a denial of service (DoS)...
Jan 21, 2025This vulnerability in Oracle Hyperion Data Relationship Management allows high-privileged attackers with network access to gain unauthorized access to...
Jan 21, 2025An unauthenticated attacker can exploit this vulnerability via HTTP to read sensitive data from Oracle Communications Order and Service Management. Th...
Jan 21, 2025This critical vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges to completely compromise the system via H...
Jan 21, 2025This vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management allows authenticated attackers with low privileges to perform unauth...
Jan 21, 2025This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges to access sensitive data via HTTP. It affects orga...
Jan 21, 2025This vulnerability in Oracle Hospitality OPERA 5 allows unauthenticated attackers with network access via HTTP to access sensitive data or cause denia...
Jan 21, 2025This vulnerability allows unauthenticated attackers to cause a denial of service (DoS) on Oracle WebLogic Server 14.1.1.0.0 by sending specially craft...
Jan 21, 2025This is a cross-site request forgery (CSRF) vulnerability in Oracle Financial Services Behavior Detection Platform's Web UI. Unauthenticated attackers...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Orchestrator allows authenticated attackers with low privileges to access sensitive data via HTT...
Jan 21, 2025This vulnerability in Oracle PeopleSoft Enterprise FIN eSettlements 9.2 allows authenticated attackers with low privileges to modify or delete some da...
Jan 21, 2025This vulnerability in Oracle Workflow (part of Oracle E-Business Suite) allows authenticated attackers with low privileges to modify or delete some da...
Jan 21, 2025This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hangi...
Jan 21, 2025This vulnerability allows unauthenticated attackers to cause denial of service (DoS) attacks against Oracle PeopleSoft Enterprise PeopleTools by sendi...
Jan 21, 2025This vulnerability in Oracle Analytics Desktop allows local attackers with low privileges to completely compromise the application, potentially gainin...
Jan 21, 2025This vulnerability in Oracle VM VirtualBox allows a low-privileged attacker with local access to the host system to access sensitive data from Virtual...
Jan 21, 2025CVE-2025-21535 is a critical vulnerability in Oracle WebLogic Server that allows unauthenticated attackers to remotely execute arbitrary code and comp...
Jan 21, 2025This vulnerability in Oracle PeopleSoft Enterprise FIN Cash Management allows authenticated attackers with low privileges to modify or delete some dat...
Jan 21, 2025This critical vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to completely compr...
Jan 21, 2025This is a Cross-Site Request Forgery (CSRF) vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Web Access. It allows authent...
Jan 21, 2025This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Web Access. Unauth...
Jan 21, 2025This vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows authenticated attackers with low privileges to read sensitive data they shouldn'...
Jan 21, 2025This vulnerability in Oracle Customer Care allows authenticated attackers with low privileges to perform unauthorized data manipulation and access via...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to modify data via HTTP requests. It af...
Jan 21, 2025This vulnerability in Oracle MySQL Server's privilege management component allows high-privileged attackers with network access to cause denial of ser...
Jan 21, 2025This vulnerability in MySQL Server's thread pooling component allows unauthenticated attackers with network access to cause a denial of service by cra...
Jan 21, 2025A vulnerability in MySQL Server's parser component allows authenticated attackers with network access to cause denial of service by crashing or hangin...
Jan 21, 2025This vulnerability allows authenticated attackers with low privileges to cause a denial of service (DoS) in Oracle JD Edwards EnterpriseOne Tools by s...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to remotely access sensitive data via HTTP. It affects We...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to remotely access sensitive data via HTTP. It affects al...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to manipulate or view data by tricking users into interac...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to read sensitive data. It a...
Jan 21, 2025This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to completely compromise the system via...
Jan 21, 2025Why Monitor Oracle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 654+ known vulnerabilities affecting Oracle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oracle packages in under 60 seconds. No agents required - completely agentless scanning that works across Oracle deployments.
Free vulnerability database: Access detailed information about every Oracle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oracle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
