cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-21503,https://securityvulnerability.io/vulnerability/CVE-2022-21503,,Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N),Oracle,Oracle Cloud Infrastructure,4.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-06-17T20:20:11.000Z,0
CVE-2021-2319,https://securityvulnerability.io/vulnerability/CVE-2021-2319,,"Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Cloud Infrastructure Storage Gateway. While the vulnerability is in Oracle Cloud Infrastructure Storage Gateway, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Cloud Infrastructure Storage Gateway. Note: Updating the Oracle Cloud Infrastructure Storage Gateway to version 1.4 or later will address these vulnerabilities. Download the latest version of Oracle Cloud Infrastructure Storage Gateway from <a href="" https://www.oracle.com/downloads/cloud/oci-storage-gateway-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rs?type=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,false,false,false,,false,false,2021-04-22T21:54:03.000Z,0
CVE-2021-2317,https://securityvulnerability.io/vulnerability/CVE-2021-2317,,"Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Cloud Infrastructure Storage Gateway. While the vulnerability is in Oracle Cloud Infrastructure Storage Gateway, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Cloud Infrastructure Storage Gateway. Note: Updating the Oracle Cloud Infrastructure Storage Gateway to version 1.4 or later will address these vulnerabilities. Download the latest version of Oracle Cloud Infrastructure Storage Gateway from <a href="" https://www.oracle.com/downloads/cloud/oci-storage-gateway-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rs?type=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",Oracle,Cloud Infrastructure,10,CRITICAL,0.010459999553859234,false,false,false,false,,false,false,2021-04-22T21:54:03.000Z,0
CVE-2021-2318,https://securityvulnerability.io/vulnerability/CVE-2021-2318,,"Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Cloud Infrastructure Storage Gateway. While the vulnerability is in Oracle Cloud Infrastructure Storage Gateway, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Cloud Infrastructure Storage Gateway. Note: Updating the Oracle Cloud Infrastructure Storage Gateway to version 1.4 or later will address these vulnerabilities. Download the latest version of Oracle Cloud Infrastructure Storage Gateway from <a href="" https://www.oracle.com/downloads/cloud/oci-storage-gateway-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rs?type=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,false,false,false,,false,false,2021-04-22T21:54:03.000Z,0
CVE-2021-2320,https://securityvulnerability.io/vulnerability/CVE-2021-2320,,"Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Cloud Infrastructure Storage Gateway. While the vulnerability is in Oracle Cloud Infrastructure Storage Gateway, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Cloud Infrastructure Storage Gateway. Note: Updating the Oracle Cloud Infrastructure Storage Gateway to version 1.4 or later will address these vulnerabilities. Download the latest version of Oracle Cloud Infrastructure Storage Gateway from <a href="" https://www.oracle.com/downloads/cloud/oci-storage-gateway-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rs?type=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",Oracle,Cloud Infrastructure,9.1,CRITICAL,0.00279000005684793,false,false,false,false,,false,false,2021-04-22T21:54:03.000Z,0
CVE-2021-2256,https://securityvulnerability.io/vulnerability/CVE-2021-2256,,"Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Storage Cloud Software Appliance. While the vulnerability is in Oracle Storage Cloud Software Appliance, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Storage Cloud Software Appliance. Note: Updating the Oracle Storage Cloud Software Appliance to version 16.3.1.4.2 or later will address these vulnerabilities. Download the latest version of Oracle Storage Cloud Software Appliance from <a href="" https://www.oracle.com/downloads/cloud/oscsa-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rstype=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).",Oracle,Cloud Infrastructure,10,CRITICAL,0.010459999553859234,false,false,false,false,,false,false,2021-04-22T21:53:56.000Z,0
CVE-2021-2257,https://securityvulnerability.io/vulnerability/CVE-2021-2257,,"Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Storage Cloud Software Appliance. While the vulnerability is in Oracle Storage Cloud Software Appliance, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Storage Cloud Software Appliance accessible data. Note: Updating the Oracle Storage Cloud Software Appliance to version 16.3.1.4.2 or later will address these vulnerabilities. Download the latest version of Oracle Storage Cloud Software Appliance from <a href="" https://www.oracle.com/downloads/cloud/oscsa-downloads.html"">here. Refer to Document <a href=""https://support.oracle.com/rstype=doc&id=2768897.1"">2768897.1 for more details. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).",Oracle,Cloud Infrastructure,4.1,MEDIUM,0.0009399999980814755,false,false,false,false,,false,false,2021-04-22T21:53:56.000Z,0
CVE-2021-2138,https://securityvulnerability.io/vulnerability/CVE-2021-2138,,"Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook Sessions. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Cloud Infrastructure Data Science Notebook Sessions executes to compromise Oracle Cloud Infrastructure Data Science Notebook Sessions. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Cloud Infrastructure Data Science Notebook Sessions accessible data as well as unauthorized read access to a subset of Oracle Cloud Infrastructure Data Science Notebook Sessions accessible data. All affected customers were notified of CVE-2021-2138 by Oracle. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)",Oracle,Oracle Cloud Infrastructure Data Science Notebook Sessions,4.6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-03-03T05:50:14.000Z,0
CVE-2020-14874,https://securityvulnerability.io/vulnerability/CVE-2020-14874,,"Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure Identity and Access Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Cloud Infrastructure Identity and Access Management accessible data as well as unauthorized read access to a subset of Oracle Cloud Infrastructure Identity and Access Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Cloud Infrastructure Identity and Access Management.",Oracle,Oracle Cloud Infrastructure Identity And Access Management,4.7,MEDIUM,0.000910000002477318,false,false,false,false,,false,false,2020-12-22T21:40:14.000Z,0