Product

oracle database

71 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-21934
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficul
6.8 MEDIUM
CVE-2023-21829
all versions
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are
6.3 MEDIUM
CVE-2023-21827
all versions
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are
4.3 MEDIUM
CVE-2022-21596
all versions
Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. The supported version that is affecte
7.2 HIGH
CVE-2022-21565
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c.
6.5 MEDIUM
CVE-2022-21511
all versions
Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions tha
7.2 HIGH
CVE-2022-21510
all versions
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions tha
8.8 HIGH
CVE-2022-21432
all versions
Vulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions t
2.7 LOW
CVE-2020-35169
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Im
9.1 CRITICAL
CVE-2020-35168
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
4.7 MEDIUM
CVE-2020-35167
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
4.8 MEDIUM
CVE-2020-35166
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obs
5.1 MEDIUM
CVE-2020-35164
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
6.7 MEDIUM
CVE-2020-35163
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use o
5.3 MEDIUM
CVE-2020-29508
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Impr
5.3 MEDIUM
CVE-2020-29507
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Impr
5.3 MEDIUM
CVE-2020-29506
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Ob
6.8 MEDIUM
CVE-2020-26185
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.
7.5 HIGH
CVE-2022-21498
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c.
6.5 MEDIUM
CVE-2022-21411
all versions
Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Supported versions that are af
5.4 MEDIUM
CVE-2022-21410
all versions
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that
7.2 HIGH
CVE-2021-35558
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1,
4.3 MEDIUM
CVE-2021-35557
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1,
4.3 MEDIUM
CVE-2021-35551
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 19c an
5.5 MEDIUM
CVE-2021-2337
all versions
Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.
7.2 HIGH
CVE-2021-2336
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5 LOW
CVE-2021-2335
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5 LOW
CVE-2021-2334
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5 LOW
CVE-2021-2245
all versions
Vulnerability in the Oracle Database - Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions th
2.7 LOW
CVE-2021-2207
all versions
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affecte
2.3 LOW
CVE-2021-25329
all versions
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0
7.0 HIGH
CVE-2021-25122
all versions
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61
7.5 HIGH
CVE-2020-5360
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated rem
7.5 HIGH
CVE-2020-5359
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticat
5.8 MEDIUM
CVE-2020-14901
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 19c. Easily exp
4.9 MEDIUM
CVE-2020-2242
<= 1.6
A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to conn
6.5 MEDIUM
CVE-2020-2241
<= 1.6
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an att
8.8 HIGH
CVE-2020-2240
<= 1.6
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary
8.8 HIGH
CVE-2020-2978
all versions
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affecte
4.1 MEDIUM
CVE-2020-9484
all versions
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attack
7.0 HIGH
CVE-2019-3740
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities du
6.5 MEDIUM
CVE-2019-3739
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities durin
6.5 MEDIUM
CVE-2019-3738
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remo
6.5 MEDIUM
CVE-2019-2619
all versions
Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4,
8.2 HIGH
CVE-2019-2444
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Ea
8.2 HIGH
CVE-2019-2406
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 a
7.2 HIGH
CVE-2018-1288
all versions
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform a
5.4 MEDIUM
CVE-2017-10321
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 a
8.8 HIGH
CVE-2017-10292
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0
2.3 LOW
CVE-2017-10261
all versions
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.
6.5 MEDIUM
CVE-2017-10190
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and
8.2 HIGH
CVE-2017-10202
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.
9.9 CRITICAL
CVE-2017-3567
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Dif
5.3 MEDIUM
CVE-2017-3310
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Eas
9.0 CRITICAL
CVE-2016-5572
all versions
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidential
6.4 MEDIUM
CVE-2016-5497
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confiden
6.4 MEDIUM
CVE-2016-2183
all versions
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bou
7.5 HIGH
CVE-2016-3609
all versions
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authentic
9.0 CRITICAL
CVE-2016-3489
all versions
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows loca
6.7 MEDIUM
CVE-2016-3488
all versions
Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity v
4.4 MEDIUM
CVE-2016-3484
all versions
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.4 LOW
CVE-2016-3479
all versions
Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote atta
7.5 HIGH
CVE-2016-3454
all versions
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attack
9.0 CRITICAL
CVE-2016-0691
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.3 LOW
CVE-2016-0690
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.3 LOW
CVE-2016-0677
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers
5.9 MEDIUM
CVE-2014-3566
all versions
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easi
3.4 LOW
CVE-2010-0076
all versions
Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote au
CVE-2008-1814
all versions
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.
CVE-2007-6674
all versions
Cross-site scripting (XSS) vulnerability in Default.asp in RapidShare Database allows remote attackers to inject arbitrary web scr
CVE-2003-0449
all versions
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privil
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin