← Back to News Iceland Security Dashboard Browse all tags
oracle

Oracle

weblogic-server 13weblogic server 12java-se 8java se 7mysql-server 6fusion middleware 6java-runtime-environment 4java runtime environment (jre) 4solaris 3fusion-middleware 3e-business-suite 3e-business suite 3virtualbox 2agile product lifecycle management (plm) 2solaris and zettabyte file system (zfs) 1peoplesoft-erp 1peoplesoft-enterprise-peopletools 1peoplesoft-enterprise-hcm-shared-components 1oracle-application-development-framework 1multiple products 1

CVEs tagged with this vendor (59)

CVE-2008-3431 🚨 VirtualBox
CVE-2008-3431 is a local privilege escalation vulnerability in Sun xVM VirtualBox versions prior to 1.6.4, caused by improper validation of buffer data in the V…
CVE-2010-0840 🚨 Java Runtime Environment (JRE)
CVE-2010-0840 is a critical remote code execution vulnerability in Oracle Java SE and Java for Business versions 6 Update 18, 5.0 Update 23, and 1.4.2_25. The f…
CVE-2011-3544 🚨 Java SE JDK and JRE
CVE-2011-3544 is a critical vulnerability in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier, allowing remote untrusted Java Web Start applications and…
CVE-2012-0507 🚨 Java SE
CVE-2012-0507 is a critical vulnerability in Oracle Java SE versions 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier, affecting t…
CVE-2012-0518 🚨 Fusion Middleware
CVE-2012-0518 is a medium severity vulnerability (CVSS 4.7) in Oracle Fusion Middleware 10.1.4.3.0 affecting the Application Server Single Sign-On component. It…
CVE-2012-1710 🚨 Fusion Middleware
CVE-2012-1710 is a critical vulnerability in Oracle Fusion Middleware 10.1.3.5 affecting the WebCenter Forms Recognition Designer component, allowing remote att…
CVE-2012-1723 🚨 Java SE
CVE-2012-1723 is a critical vulnerability in Oracle Java SE affecting versions 7u4 and earlier, 6u32 and earlier, 5u35 and earlier, and 1.4.2_37 and earlier. Th…
CVE-2012-3152 🚨 Fusion Middleware
CVE-2012-3152 is a critical vulnerability in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 affecting the Oracle Reports Developer component. It allo…
CVE-2012-4681 🚨 Java SE
CVE-2012-4681 is a critical remote code execution vulnerability in Oracle Java SE 7 Update 6 and earlier, affecting the Java Runtime Environment. It allows atta…
CVE-2012-5076 🚨 Java SE
CVE-2012-5076 is a critical vulnerability in Oracle Java SE 7 Update 7 and earlier, specifically affecting the JAX-WS component of the Java Runtime Environment.…
CVE-2013-0422 🚨 Java Runtime Environment (JRE)
CVE-2013-0422 is a critical remote code execution vulnerability in Oracle Java 7 prior to Update 11, involving flaws in the JMX MBean server and the Reflection …
CVE-2013-0431 🚨 Java Runtime Environment (JRE)
CVE-2013-0431 is a medium severity vulnerability (CVSS 5.3) in Oracle Java SE 7 through Update 11 and OpenJDK 7 that allows user-assisted remote attackers to by…
CVE-2013-2423 🚨 Java Runtime Environment (JRE)
CVE-2013-2423 is a vulnerability in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, affecting the Java Runtime Environment (JRE) HotSpot component. It al…
CVE-2013-2465 🚨 Java SE
CVE-2013-2465 is a critical vulnerability in Oracle Java SE affecting versions 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, …
CVE-2015-2590 🚨 Java SE
CVE-2015-2590 is a critical vulnerability in Oracle Java SE versions 6u95, 7u80, and 8u45, as well as Java SE Embedded 7u75 and 8u33, allowing remote attackers …
CVE-2015-4852 🚨 WebLogic Server
CVE-2015-4852 is a critical remote code execution vulnerability in Oracle WebLogic Server versions 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0, caused by insecur…
CVE-2015-4902 🚨 Java SE
CVE-2015-4902 is a medium severity vulnerability in Oracle Java SE versions 6u101, 7u85, and 8u60 affecting integrity via unknown vectors related to Deployment.…
CVE-2016-3427 🚨 Java SE and JRockit
CVE-2016-3427 is a critical vulnerability in Oracle Java SE 6u113, 7u99, 8u77, Java SE Embedded 8u77, and JRockit R28.3.9 affecting confidentiality, integrity, …
CVE-2017-10271 🚨 WebLogic Server
CVE-2017-10271 is a high-severity vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, and 12.2.1.2.0. It allows unaut…
CVE-2017-3506 🚨 WebLogic Server
CVE-2017-3506 is a command injection vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1, and 12.2.1.2. It allows …
CVE-2018-2628 🚨 WebLogic Server
CVE-2018-2628 is a critical vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0, 12.1.3.0, 12.2.1.2, and 12.2.1.3. It allows unauthenticated att…
CVE-2019-2616 🚨 BI Publisher (Formerly XML Publisher)
CVE-2019-2616 is a HIGH severity vulnerability in Oracle Fusion Middleware BI Publisher versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0, allowing unauthenticate…
CVE-2019-2725 🚨 WebLogic Server
CVE-2019-2725 is a critical vulnerability in Oracle WebLogic Server that has been actively exploited in the wild, as indicated by its inclusion in CISA's Known …
CVE-2019-3010 🚨 Solaris
CVE-2019-3010 is a high-severity vulnerability in Oracle Solaris 11 affecting the XScreenSaver component, allowing low-privileged attackers with local logon acc…
CVE-2020-14644 🚨 WebLogic Server
CVE-2020-14644 is a critical vulnerability in Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0, allowing unauthenticated attackers to comp…
CVE-2020-14750 🚨 WebLogic Server
CVE-2020-14750 is a critical vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It allow…
CVE-2020-14864 🚨 Intelligence Enterprise Edition
CVE-2020-14864 is an actively exploited vulnerability in Oracle Intelligence Enterprise Edition, listed on CISA's Known Exploited Vulnerabilities catalog with a…
CVE-2020-14871 🚨 Solaris and Zettabyte File System (ZFS)
CVE-2020-14871 is a critical vulnerability in Oracle Solaris versions 10 and 11 affecting the Pluggable authentication module, classified as a memory corruption…
CVE-2020-14882 🚨 WebLogic Server
CVE-2020-14882 is a critical vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It allow…
CVE-2020-14883 🚨 WebLogic Server
CVE-2020-14883 is a high-severity vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It …
CVE-2020-2551 🚨 Fusion Middleware
CVE-2020-2551 is a critical vulnerability in Oracle WebLogic Server (versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0) affecting the WLS Core Compone…
CVE-2020-2555 🚨 Multiple Products
CVE-2020-2555 is a critical vulnerability in Oracle Coherence affecting versions 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0, classified under CWE-502 (Dese…
CVE-2020-2883 🚨 WebLogic Server
CVE-2020-2883 is a critical vulnerability in Oracle WebLogic Server affecting versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and 12.2.1.4.0, allowing unauthentica…
CVE-2021-35587 🚨 Fusion Middleware
CVE-2021-35587 is a critical vulnerability in Oracle Access Manager (versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0) affecting the OpenSSO Agent component. It …
CVE-2022-21445 🚨 ADF Faces
CVE-2022-21445 is a critical vulnerability in Oracle Application Development Framework (ADF) Faces, affecting versions 12.2.1.3.0 and 12.2.1.4.0, classified und…
CVE-2022-21587 🚨 E-Business Suite
CVE-2022-21587 is a critical vulnerability in Oracle E-Business Suite Web Applications Desktop Integrator (versions 12.2.3-12.2.11) allowing unauthenticated att…
CVE-2023-21839 🚨 WebLogic Server
CVE-2023-21839 is a high-severity vulnerability (CVSS 7.5) affecting Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It allows unauthent…
CVE-2024-20953 🚨 Agile Product Lifecycle Management (PLM)
CVE-2024-20953 is a high-severity vulnerability (CVSS 8.8) in Oracle Agile PLM version 9.3.6 affecting the Export component. It allows a low-privileged attacker…
CVE-2024-21182 🚨 WebLogic Server
CVE-2024-21182 is a high-severity vulnerability in Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, allowing unauthenticated attackers to compromise t…
CVE-2024-21287 🚨 Agile Product Lifecycle Management (PLM)
CVE-2024-21287 is a high-severity vulnerability (CVSS 7.5) in Oracle Agile PLM Framework version 9.3.6, affecting the Software Development Kit Process Extension…
CVE-2025-61757 🚨 Fusion Middleware
CVE-2025-61757 is a critical vulnerability in Oracle Fusion Middleware Identity Manager (versions 12.2.1.4.0 and 14.1.2.1.0) affecting the REST WebServices comp…
CVE-2025-61882 🚨 E-Business Suite
CVE-2025-61882 is a critical vulnerability in Oracle E-Business Suite's Concurrent Processing product, specifically affecting BI Publisher Integration in versio…
CVE-2025-61884 🚨 E-Business Suite
CVE-2025-61884 is a high-severity vulnerability in Oracle E-Business Suite Configurator Runtime UI versions 12.2.3 through 12.2.14, allowing unauthenticated att…
CVE-2026-21992 CVSS 9.8 identity_manager
CVE-2026-35255 CVSS 6.6 cloud_native_environment_command_line_interface
CVE-2026-35254 CVSS 6.1 cloud_infrastructure_cli
CVE-2026-35253 CVSS 4.7 macoron
CVE-2026-21932
CVE-2026-21932 is a high-severity vulnerability in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition affecting components AWT and Ja…
CVE-2026-21999
Oracle Database Server versions 23.4.0 through 23.26.1 contain a vulnerability in the XML Database component classified as CWE-200. This medium severity issue (…
CVE-2026-22001
CVE-2026-22001 is a low-severity information disclosure vulnerability in Oracle MySQL Server versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0. It allows high…
CVE-2026-22019
CVE-2026-22019 is a medium severity vulnerability (CVSS 5.4) in Oracle PeopleSoft Enterprise HCM Shared Components version 9.2, specifically affecting the Perso…
CVE-2026-34266
CVE-2026-34266 is a medium severity vulnerability (CVSS 6.5) in Oracle PeopleSoft Enterprise HCM Absence Management version 9.2, classified under CWE-306 (Failu…
CVE-2026-34267
CVE-2026-34267 is a medium severity vulnerability (CVSS 4.9) in Oracle MySQL Server versions 8.0.0 through 8.0.45, specifically within the Server Optimizer comp…
CVE-2026-34269
CVE-2026-34269 is a medium severity vulnerability (CVSS 6.1) in Oracle PeopleSoft Enterprise PeopleTools versions 8.61 through 8.62, specifically within the Por…
CVE-2026-34278
Oracle MySQL Server versions 8.0.0 through 8.0.45 contain a vulnerability in the Server Optimizer component classified under CWE-400. This issue allows a high-p…
CVE-2026-34279
Oracle Enterprise Manager Base Platform versions 13.5 and 24.1 are affected by a critical vulnerability (CVE-2026-34279) classified as CWE-306, an authenticatio…
CVE-2026-34303
CVE-2026-34303 is a medium severity vulnerability (CVSS 3.1 score 6.5) in Oracle MySQL Server versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0. It is classif…
CVE-2026-34308
Oracle MySQL Server versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0 contain a denial-of-service vulnerability in the Server JSON component. This issue, clas…
CVE-2026-35237
Oracle MySQL Server versions 8.0.0-8.0.45, 8.4.0-8.4.8, and 9.0.0-9.6.0 are affected by a vulnerability in the InnoDB component. This issue allows a high-privil…

Articles tagged with Oracle (30)

CRITICAL
Two-year old Oracle WebLogic Server vulnerability is being exploited
CSO Online · 2026-06-02
CRITICAL
CISA flags two-year-old Oracle flaw as actively exploited in attacks
BleepingComputer · 2026-06-02
CRITICAL
Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’
CSO Online · 2026-06-01
HIGH
NCSC-2026-0170 [1.00] [M/H] Kwetsbaarheden verholpen in Oracle E-Business Suite componenten
NCSC Netherlands · 2026-05-29
CRITICAL
[NEU] [hoch] Oracle REST Data Services: Mehrere Schwachstellen
BSI Germany · 2026-05-29
CRITICAL
[NEU] [hoch] Oracle Database Server: Mehrere Schwachstellen
BSI Germany · 2026-05-29
CRITICAL
May 2026 Patch Tuesday
Ivanti Security · 2026-05-12
CRITICAL
[UPDATE] [hoch] Oracle Fusion Middleware: Mehrere Schwachstellen
BSI Germany · 2026-05-08
MEDIUM
Oracle Solaris 11.4 SRU92 released
OSnews · 2026-04-22
CRITICAL
Oracle Critical Patch Update, April 2026 Security Update Review
Qualys Research · 2026-04-22
HIGH
NCSC-2026-0127 [1.00] [M/H] Kwetsbaarheden verholpen in Oracle PeopleSoft
NCSC Netherlands · 2026-04-22
MEDIUM
NCSC-2026-0126 [1.00] [M/H] Kwetsbaarheden verholpen in Oracle E-Business Suite
NCSC Netherlands · 2026-04-22
HIGH
NCSC-2026-0125 [1.00] [M/H] Kwetsbaarheden verholpen in Oracle Enterprise Manager
NCSC Netherlands · 2026-04-22
HIGH
NCSC-2026-0124 [1.00] [M/H] Kwetsbaarheden verholpen in Oracle Identity Manager Connector
NCSC Netherlands · 2026-04-22
CRITICAL
[NEU] [hoch] Oracle Financial Services Applications: Mehrere Schwachstellen
BSI Germany · 2026-04-22
CRITICAL
[NEU] [hoch] Oracle Enterprise Manager: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle Hyperion: Mehrere Schwachstellen
BSI Germany · 2026-04-22
CRITICAL
[NEU] [hoch] Oracle Fusion Middleware: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle JD Edwards: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle Java SE: Mehrere Schwachstellen
BSI Germany · 2026-04-22
CRITICAL
[NEU] [hoch] Oracle MySQL: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle Database Server: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle TimesTen In-Memory Database: Schwachstelle gefährdet Vertraulichkeit und Integrität
BSI Germany · 2026-04-22
HIGH
[NEU] [mittel] Oracle REST Data Services: Mehrere Schwachstellen
BSI Germany · 2026-04-22
HIGH
Oracle Patches 450 Vulnerabilities With April 2026 CPU
SecurityWeek · 2026-04-22
HIGH
Multiples vulnérabilités dans Oracle Virtualization (22 avril 2026)
CERT-FR (ANSSI) · 2026-04-22
HIGH
Multiples vulnérabilités dans Oracle Java SE (22 avril 2026)
CERT-FR (ANSSI) · 2026-04-22
HIGH
Multiples vulnérabilités dans Oracle MySQL (22 avril 2026)
CERT-FR (ANSSI) · 2026-04-22
HIGH
Multiples vulnérabilités dans Oracle Weblogic (22 avril 2026)
CERT-FR (ANSSI) · 2026-04-22
HIGH
Multiples vulnérabilités dans Oracle Systems (22 avril 2026)
CERT-FR (ANSSI) · 2026-04-22