cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-21557,https://securityvulnerability.io/vulnerability/CVE-2025-21557,Vulnerability in Oracle Application Express Affects Multiple Versions,"An exploitable vulnerability in Oracle Application Express allows a low privileged attacker with network access via HTTP to manipulate the application. Successful exploitation requires human interaction from an entity other than the attacker. While the vulnerability resides in Oracle Application Express, its repercussions may extend to other products, leading to unauthorized updates, inserts, or deletions of accessible data within the application. Furthermore, unauthorized read access to specific data sets within Oracle Application Express is also possible.",Oracle,Oracle Application Express,5.4,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:18.920Z,0
CVE-2024-21261,https://securityvulnerability.io/vulnerability/CVE-2024-21261,Oracle Application Express Vulnerability Affects 23.2 and 24.1 Versions,"Vulnerability in Oracle Application Express (component: General).  Supported versions that are affected are 23.2 and  24.1. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express.  While the vulnerability is in Oracle Application Express, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Application Express accessible data as well as  unauthorized read access to a subset of Oracle Application Express accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N).",Oracle,Oracle Application Express,4.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-10-15T19:52:54.588Z,0