cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21093,https://securityvulnerability.io/vulnerability/CVE-2024-21093,Java VM Vulnerability Affects Oracle Database Server,"A vulnerability exists in the Java VM component of Oracle Database Server that could allow a low-privileged attacker with limited privileges, such as Create Session and Create Procedure, to exploit flaws with network access through Oracle Net. If successfully exploited, this vulnerability may lead to unauthorized access to confidential data or provide complete access to all information accessible via the Java VM. Users of affected versions should ensure their systems are updated to mitigate potential security risks.",Oracle,Java Virtual Machine,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2023-21908,https://securityvulnerability.io/vulnerability/CVE-2023-21908,Vulnerability in Oracle Banking Virtual Account Management by Oracle,"A vulnerability exists in the Oracle Banking Virtual Account Management product, affecting versions 14.5, 14.6, and 14.7. This security flaw allows an attacker with network access to compromise the system, requiring human interaction from a third party for successful exploitation. Attackers may gain unauthorized access to sensitive data, with the potential to manipulate or delete critical information. Additionally, this vulnerability may enable attackers to cause service disruption, leading to denial of service conditions within the Oracle Banking Virtual Account Management system. Organizations utilizing these versions are advised to implement security measures urgently.",Oracle,Banking Virtual Account Management,6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21905,https://securityvulnerability.io/vulnerability/CVE-2023-21905,Vulnerability in Oracle Banking Virtual Account Management by Oracle,"A vulnerability exists in the Routing Hub component of Oracle Banking Virtual Account Management that allows an attacker with high privileges and network access via HTTP to exploit weaknesses within the system. This vulnerability necessitates human interaction from a user other than the attacker, which could lead to unauthorized creation, modification, or deletion of critical data. Successful exploitation would grant the attacker access to sensitive information across all Oracle Banking Virtual Account Management accessible data, posing a significant risk to the confidentiality and integrity of financial information.",Oracle,Banking Virtual Account Management,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21904,https://securityvulnerability.io/vulnerability/CVE-2023-21904,Vulnerability in Oracle Banking Virtual Account Management by Oracle,"A vulnerability exists in Oracle Banking Virtual Account Management that allows a high-privileged attacker with network access to exploit the system. This issue requires human interaction from a user other than the attacker, making it somewhat challenging to initiate. Successful exploitation can lead to unauthorized access to sensitive data and give attackers the ability to perform updates, inserts, or deletions of accessible data, potentially resulting in partial denial of service. Organizations using supported versions 14.5, 14.6, and 14.7 should prioritize applying available patches to mitigate these risks.",Oracle,Banking Virtual Account Management,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21903,https://securityvulnerability.io/vulnerability/CVE-2023-21903,Vulnerability in Oracle Banking Virtual Account Management Product,"A vulnerability exists in the Oracle Banking Virtual Account Management product that may allow a high-privileged attacker with network access via HTTP to compromise the system. Exploitation of this vulnerability requires human interaction from a third-party, leading to unauthorized access to sensitive data and the ability to update, insert, or delete records. Additionally, the attacker could cause a partial denial of service, impacting the availability of services. Supported versions 14.5, 14.6, and 14.7 are affected.",Oracle,Banking Virtual Account Management,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21906,https://securityvulnerability.io/vulnerability/CVE-2023-21906,Vulnerability in Oracle Banking Virtual Account Management SMS Module,"A security vulnerability exists in the Oracle Banking Virtual Account Management product within the SMS Module, allowing an attacker with high privileges and network access via HTTP to manipulate critical data. This vulnerability necessitates human interaction from a user other than the attacker to be successfully exploited. If successful, the attacker may create, delete, or modify access to all data accessible within Oracle Banking Virtual Account Management, potentially leading to unauthorized access to sensitive information.",Oracle,Banking Virtual Account Management,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21907,https://securityvulnerability.io/vulnerability/CVE-2023-21907,Vulnerability in Oracle Banking Virtual Account Management by Oracle,"A vulnerability exists in Oracle Banking Virtual Account Management, a part of Oracle Financial Services Applications, affecting versions 14.5, 14.6, and 14.7. This vulnerability may be exploited by a privileged attacker with network access to compromise the system. Exploitation necessitates human interaction from a third party, allowing attackers to gain unauthorized access to sensitive data. Attackers could potentially update, insert, or delete critical data and even cause system instability, resulting in denial of service. Robust security measures are highly recommended to safeguard against these risks.",Oracle,Banking Virtual Account Management,6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2018-3253,https://securityvulnerability.io/vulnerability/CVE-2018-3253,,"Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Manager). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Virtual Directory. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Virtual Directory accessible data as well as unauthorized read access to a subset of Oracle Virtual Directory accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Virtual Directory. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).",Oracle,Virtual Directory,8.5,HIGH,0.0022700000554323196,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2017-10369,https://securityvulnerability.io/vulnerability/CVE-2017-10369,,"Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Virtual Directory. Successful attacks of this vulnerability can result in takeover of Oracle Virtual Directory. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",Oracle,Oracle Virtual Directory,7.5,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2015-4852,https://securityvulnerability.io/vulnerability/CVE-2015-4852,,"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",Oracle,Virtual Desktop Infrastructure,9.8,CRITICAL,0.9678199887275696,true,2021-11-03T00:00:00.000Z,false,false,true,2020-11-16T05:30:04.000Z,true,false,false,,2015-11-18T15:00:00.000Z,0
CVE-2015-4727,https://securityvulnerability.io/vulnerability/CVE-2015-4727,,"Unspecified vulnerability in Oracle Virtualization Sun Ray Software before 5.4.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.",Oracle,Virtualization Sun Ray,,,0.005200000014156103,false,,false,false,false,,,false,false,,2015-07-16T10:00:00.000Z,0
CVE-2015-2581,https://securityvulnerability.io/vulnerability/CVE-2015-2581,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.,Oracle,Virtualization,,,0.0020600000862032175,false,,false,false,false,,,false,false,,2015-07-16T10:00:00.000Z,0
CVE-2014-2472,https://securityvulnerability.io/vulnerability/CVE-2014-2472,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2474, CVE-2014-2476, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-2476,https://securityvulnerability.io/vulnerability/CVE-2014-2476,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-2474,https://securityvulnerability.io/vulnerability/CVE-2014-2474,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2476, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-6459,https://securityvulnerability.io/vulnerability/CVE-2014-6459,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-2476.",Oracle,Virtualization,,,0.007459999993443489,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-2475,https://securityvulnerability.io/vulnerability/CVE-2014-2475,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).",Oracle,Virtualization,,,0.0023499999660998583,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-2473,https://securityvulnerability.io/vulnerability/CVE-2014-2473,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv) and SGD SSL Daemon (ttassl).,Oracle,Virtualization,,,0.0023499999660998583,false,,false,false,false,,,false,false,,2014-10-15T15:15:00.000Z,0
CVE-2014-4232,https://securityvulnerability.io/vulnerability/CVE-2014-4232,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463.",Oracle,"Virtualization,Virtualization Secure Global Desktop",,,0.00343000004068017,false,,false,false,false,,,false,false,,2014-07-17T02:36:00.000Z,0
CVE-2014-2463,https://securityvulnerability.io/vulnerability/CVE-2014-2463,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-4232.",Oracle,Virtualization,,,0.0013500000350177288,false,,false,false,false,,,false,false,,2014-04-16T02:05:00.000Z,0
CVE-2014-2439,https://securityvulnerability.io/vulnerability/CVE-2014-2439,,Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.,Oracle,Virtualization,,,0.0016799999866634607,false,,false,false,false,,,false,false,,2014-04-16T02:05:00.000Z,0
CVE-2014-0419,https://securityvulnerability.io/vulnerability/CVE-2014-0419,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications.",Oracle,Virtualization Secure Global Desktop,,,0.010400000028312206,false,,false,false,false,,,false,false,,2014-01-15T02:50:00.000Z,0
CVE-2013-3834,https://securityvulnerability.io/vulnerability/CVE-2013-3834,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv.,Oracle,Virtualization,,,0.00215999991632998,false,,false,false,false,,,false,false,,2013-10-16T15:55:00.000Z,0
CVE-2013-3779,https://securityvulnerability.io/vulnerability/CVE-2013-3779,,"Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.",Oracle,"Virtualization,Vm Virtualbox",,,0.006730000022798777,false,,false,false,false,,,false,false,,2013-07-17T10:00:00.000Z,0
CVE-2013-3782,https://securityvulnerability.io/vulnerability/CVE-2013-3782,,Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.,Oracle,Virtualization,,,0.00343000004068017,false,,false,false,false,,,false,false,,2013-07-17T10:00:00.000Z,0