cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-21503,https://securityvulnerability.io/vulnerability/CVE-2022-21503,Unauthorized Access Vulnerability in Oracle Cloud Infrastructure by Oracle,"An exploitable vulnerability exists within Oracle Cloud Infrastructure, allowing high-privileged attackers with network access to compromise sensitive data. Attackers can gain unauthorized access to data stored in the cloud environment, leading to potential data breaches. Oracle has proactively informed all affected customers. It is crucial for users to assess their security measures and remain vigilant against potential exploit attempts.",Oracle,Oracle Cloud Infrastructure,4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-06-17T20:20:11.000Z,0
CVE-2021-2319,https://securityvulnerability.io/vulnerability/CVE-2021-2319,Management Console Vulnerability in Oracle Cloud Infrastructure Storage Gateway,"A vulnerability exists in the Management Console component of the Oracle Cloud Infrastructure Storage Gateway, which can be exploited by attackers with high privileges and network access. This flaw allows unauthorized manipulation, potentially leading to the takeover of the Oracle Cloud Infrastructure Storage Gateway. Attackers utilizing this vulnerability could compromise not just the storage gateway, but also other interconnected products. To remediate this issue, it is crucial to update the Oracle Cloud Infrastructure Storage Gateway to version 1.4 or later. For additional guidance, refer to Oracle's security alert.",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,,false,false,false,,,false,false,,2021-04-22T21:54:03.000Z,0
CVE-2021-2317,https://securityvulnerability.io/vulnerability/CVE-2021-2317,Vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console,"A vulnerability exists in the management console of Oracle Cloud Infrastructure Storage Gateway that allows unauthenticated attackers with network access via HTTP to compromise the system. This issue impacts versions prior to 1.4 and may lead to full takeover of the affected product. Successful exploitation can significantly affect the confidentiality, integrity, and availability of the service. Users are advised to update their systems to version 1.4 or higher to mitigate this risk.",Oracle,Cloud Infrastructure,10,CRITICAL,0.010459999553859234,false,,false,false,false,,,false,false,,2021-04-22T21:54:03.000Z,0
CVE-2021-2318,https://securityvulnerability.io/vulnerability/CVE-2021-2318,Vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console,"A vulnerability exists in the Management Console of the Oracle Cloud Infrastructure Storage Gateway that can be exploited by a high-privileged attacker with network access via HTTP. This flaw may lead to the compromise of the Oracle Cloud Infrastructure Storage Gateway, with potential broader impacts on connected products. To mitigate this vulnerability, it is crucial for users to upgrade to version 1.4 or later. For further details and to download the latest version, visit the official Oracle download page, and refer to the documentation for extensive information.",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,,false,false,false,,,false,false,,2021-04-22T21:54:03.000Z,0
CVE-2021-2320,https://securityvulnerability.io/vulnerability/CVE-2021-2320,Vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console,"A vulnerability exists in the Oracle Cloud Infrastructure Storage Gateway, specifically within the Management Console component, impacting versions prior to 1.4. This flaw can be easily exploited by a high-privileged attacker with network access via HTTP, leading to a potential takeover of the Oracle Cloud Infrastructure Storage Gateway. Although the vulnerability is contained within the Storage Gateway product, its repercussions could affect other related products as well. To safeguard your systems from this vulnerability, it is crucial to update to version 1.4 or later. For more details, refer to Oracle's official documentation.",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,,false,false,false,,,false,false,,2021-04-22T21:54:03.000Z,0
CVE-2021-2257,https://securityvulnerability.io/vulnerability/CVE-2021-2257,Oracle Storage Cloud Software Appliance Vulnerability Exposes Data,"A vulnerability exists in the Oracle Storage Cloud Software Appliance that could allow a high-privileged attacker with network access via HTTP to potentially gain unauthorized read access to sensitive data. This issue primarily affects versions prior to 16.3.1.4.2. It is crucial for users to promptly update their systems to the latest version to mitigate risks associated with this vulnerability. For further information and updates, users are encouraged to refer to Oracle’s official documentation.",Oracle,Cloud Infrastructure,4.1,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:56.000Z,0
CVE-2021-2256,https://securityvulnerability.io/vulnerability/CVE-2021-2256,Unauthenticated Remote Code Execution in Oracle Storage Cloud Software Appliance,"An unauthenticated remote code execution vulnerability exists in the Management Console of Oracle Storage Cloud Software Appliance prior to version 16.3.1.4.2. This flaw allows an attacker with network access over HTTP to compromise the appliance. Exploiting this vulnerability can lead to significant impacts on confidentiality, integrity, and availability, enabling attackers to potentially take control of the appliance and affect additional interconnected products. For protection, it is essential to update the appliance to version 16.3.1.4.2 or later. For more information, refer to Oracle's security alerts.",Oracle,Cloud Infrastructure,10,CRITICAL,0.010459999553859234,false,,false,false,false,,,false,false,,2021-04-22T21:53:56.000Z,0
CVE-2021-2138,https://securityvulnerability.io/vulnerability/CVE-2021-2138,Vulnerability in Oracle Cloud Infrastructure Data Science Notebook Sessions,"This vulnerability in Oracle Cloud Infrastructure Data Science Notebook Sessions allows a low privileged attacker, with network access, to exploit weaknesses in the system. Attackers could gain unauthorized access to data through update, insert, or delete operations, as well as unauthorized read access to accessible data subsets. The flaw emphasizes the importance of securing physical communication segments to ensure data integrity and confidentiality within Oracle's cloud infrastructure.",Oracle,Oracle Cloud Infrastructure Data Science Notebook Sessions,4.6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-03-03T05:50:14.000Z,0
CVE-2020-14874,https://securityvulnerability.io/vulnerability/CVE-2020-14874,Vulnerability in Oracle Cloud Infrastructure Identity and Access Management,"A vulnerability exists within Oracle Cloud Infrastructure Identity and Access Management that can be exploited by a high privileged attacker with network access. This flaw allows for unauthorized updates, insertions, or deletions of accessible data. Additionally, it can lead to unauthorized read access to certain data and the ability to partially disrupt services, resulting in a significant risk to cloud service integrity and availability.",Oracle,Oracle Cloud Infrastructure Identity And Access Management,4.7,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2020-12-22T21:40:14.000Z,0