Home/Product/oracle database
Product

oracle database

69 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-21934
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficul
6.8MEDIUM
 CVE-2023-21829
all versions
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are
6.3MEDIUM
 CVE-2023-21827
all versions
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are
4.3MEDIUM
 CVE-2022-21596
all versions
Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. The supported version that is affecte
7.2HIGH
 CVE-2022-21565
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c.
6.5MEDIUM
 CVE-2022-21511
all versions
Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions tha
7.2HIGH
 CVE-2022-21510
all versions
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions tha
8.8HIGH
 CVE-2022-21432
all versions
Vulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions t
2.7LOW
 CVE-2020-35169
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Im
9.1CRITICAL
 CVE-2020-35168
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
4.7MEDIUM
 CVE-2020-35167
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
4.8MEDIUM
 CVE-2020-35166
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obs
5.1MEDIUM
 CVE-2020-35164
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Obse
6.7MEDIUM
 CVE-2020-35163
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use o
5.3MEDIUM
 CVE-2020-29508
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Impr
5.3MEDIUM
 CVE-2020-29507
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Impr
5.3MEDIUM
 CVE-2020-29506
all versions
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Ob
6.8MEDIUM
 CVE-2020-26185
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.
7.5HIGH
 CVE-2022-21498
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c.
6.5MEDIUM
 CVE-2022-21411
all versions
Vulnerability in the RDBMS Gateway / Generic ODBC Connectivity component of Oracle Database Server. Supported versions that are af
5.4MEDIUM
 CVE-2022-21410
all versions
Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. The supported version that
7.2HIGH
 CVE-2021-35558
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1,
4.3MEDIUM
 CVE-2021-35557
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1,
4.3MEDIUM
 CVE-2021-35551
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 19c an
5.5MEDIUM
 CVE-2021-2337
all versions
Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.
7.2HIGH
 CVE-2021-2336
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5LOW
 CVE-2021-2335
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5LOW
 CVE-2021-2334
all versions
Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions t
3.5LOW
 CVE-2021-2245
all versions
Vulnerability in the Oracle Database - Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions th
2.7LOW
 CVE-2021-2207
all versions
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affecte
2.3LOW
 CVE-2021-25329
all versions
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0
7.0HIGH
 CVE-2021-25122
all versions
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61
7.5HIGH
 CVE-2020-5360
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated rem
7.5HIGH
 CVE-2020-5359
all versions
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticat
5.8MEDIUM
 CVE-2020-14901
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 19c. Easily exp
4.9MEDIUM
 CVE-2020-2978
all versions
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affecte
4.1MEDIUM
 CVE-2020-9484
all versions
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attack
7.0HIGH
 CVE-2019-3740
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities du
6.5MEDIUM
 CVE-2019-3739
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities durin
6.5MEDIUM
 CVE-2019-3738
all versions
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remo
6.5MEDIUM
 CVE-2019-2619
all versions
Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4,
8.2HIGH
 CVE-2019-2444
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Ea
8.2HIGH
 CVE-2019-2406
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 a
7.2HIGH
 CVE-2018-1288
all versions
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform a
5.4MEDIUM
 CVE-2017-10321
all versions
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 a
8.8HIGH
 CVE-2017-10292
all versions
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0
2.3LOW
 CVE-2017-10261
all versions
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.
6.5MEDIUM
 CVE-2017-10190
all versions
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and
8.2HIGH
 CVE-2017-10202
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.
9.9CRITICAL
 CVE-2017-3567
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Dif
5.3MEDIUM
 CVE-2017-3310
all versions
Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Eas
9.0CRITICAL
 CVE-2016-5572
all versions
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidential
6.4MEDIUM
 CVE-2016-5497
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confiden
6.4MEDIUM
 CVE-2016-2183
all versions
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bou
7.5HIGH
 CVE-2016-3609
all versions
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authentic
9.0CRITICAL
 CVE-2016-3489
all versions
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows loca
6.7MEDIUM
 CVE-2016-3488
all versions
Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity v
4.4MEDIUM
 CVE-2016-3484
all versions
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.4LOW
 CVE-2016-3479
all versions
Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote atta
7.5HIGH
 CVE-2016-3454
all versions
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attack
9.0CRITICAL
 CVE-2016-0691
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.3LOW
 CVE-2016-0690
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local
3.3LOW
 CVE-2016-0677
all versions
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers
5.9MEDIUM
 CVE-2014-3566
all versions
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easi
3.4LOW
 CVE-2010-0076
all versions
Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote au
 CVE-2008-2611
all versions
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, an
 CVE-2008-2600
all versions
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact a
 CVE-2008-2592
all versions
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10
 CVE-2008-1814
all versions
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin