cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21093,https://securityvulnerability.io/vulnerability/CVE-2024-21093,Java VM Vulnerability Affects Oracle Database Server,"A vulnerability exists in the Java VM component of Oracle Database Server that could allow a low-privileged attacker with limited privileges, such as Create Session and Create Procedure, to exploit flaws with network access through Oracle Net. If successfully exploited, this vulnerability may lead to unauthorized access to confidential data or provide complete access to all information accessible via the Java VM. Users of affected versions should ensure their systems are updated to mitigate potential security risks.",Oracle,Java Virtual Machine,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2023-21907,https://securityvulnerability.io/vulnerability/CVE-2023-21907,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain).  Supported versions that are affected are 14.5, 14.6 and  14.7. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data as well as  unauthorized update, insert or delete access to some of Oracle Banking Virtual Account Management accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Virtual Account Management. CVSS 3.1 Base Score 6.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:H).",Oracle,Banking Virtual Account Management,6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21906,https://securityvulnerability.io/vulnerability/CVE-2023-21906,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: SMS Module).  Supported versions that are affected are 14.5, 14.6 and  14.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Banking Virtual Account Management accessible data as well as  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N).",Oracle,Banking Virtual Account Management,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21905,https://securityvulnerability.io/vulnerability/CVE-2023-21905,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: Routing Hub).  Supported versions that are affected are 14.5, 14.6 and  14.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Banking Virtual Account Management accessible data as well as  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N).",Oracle,Banking Virtual Account Management,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21904,https://securityvulnerability.io/vulnerability/CVE-2023-21904,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain).  Supported versions that are affected are 14.5, 14.6 and  14.7. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data as well as  unauthorized update, insert or delete access to some of Oracle Banking Virtual Account Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Virtual Account Management. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L).",Oracle,Banking Virtual Account Management,5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21908,https://securityvulnerability.io/vulnerability/CVE-2023-21908,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Trn Journal Domain).  Supported versions that are affected are 14.5, 14.6 and  14.7. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data as well as  unauthorized update, insert or delete access to some of Oracle Banking Virtual Account Management accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Virtual Account Management. CVSS 3.1 Base Score 6.0 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:H).",Oracle,Banking Virtual Account Management,6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21903,https://securityvulnerability.io/vulnerability/CVE-2023-21903,,"Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial Services Applications (component: OBVAM Internal Tfr Domain).  Supported versions that are affected are 14.5, 14.6 and  14.7. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Banking Virtual Account Management.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Banking Virtual Account Management accessible data as well as  unauthorized update, insert or delete access to some of Oracle Banking Virtual Account Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Virtual Account Management. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L).",Oracle,Banking Virtual Account Management,5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2018-3253,https://securityvulnerability.io/vulnerability/CVE-2018-3253,,"Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Manager). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Virtual Directory. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Virtual Directory accessible data as well as unauthorized read access to a subset of Oracle Virtual Directory accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Virtual Directory. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).",Oracle,Virtual Directory,8.5,HIGH,0.0022700000554323196,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2017-10369,https://securityvulnerability.io/vulnerability/CVE-2017-10369,,"Vulnerability in the Oracle Virtual Directory component of Oracle Fusion Middleware (subcomponent: Virtual Directory Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Virtual Directory. Successful attacks of this vulnerability can result in takeover of Oracle Virtual Directory. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",Oracle,Oracle Virtual Directory,7.5,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2015-4852,https://securityvulnerability.io/vulnerability/CVE-2015-4852,,"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",Oracle,Virtual Desktop Infrastructure,,,0.9678199887275696,true,false,false,true,true,false,false,2015-11-18T15:00:00.000Z,0
CVE-2015-4727,https://securityvulnerability.io/vulnerability/CVE-2015-4727,,"Unspecified vulnerability in Oracle Virtualization Sun Ray Software before 5.4.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Console.",Oracle,Virtualization Sun Ray,,,0.005200000014156103,false,false,false,false,,false,false,2015-07-16T10:00:00.000Z,0
CVE-2015-2581,https://securityvulnerability.io/vulnerability/CVE-2015-2581,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.,Oracle,Virtualization,,,0.0020600000862032175,false,false,false,false,,false,false,2015-07-16T10:00:00.000Z,0
CVE-2014-2475,https://securityvulnerability.io/vulnerability/CVE-2014-2475,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).",Oracle,Virtualization,,,0.0023499999660998583,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-2474,https://securityvulnerability.io/vulnerability/CVE-2014-2474,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2476, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-6459,https://securityvulnerability.io/vulnerability/CVE-2014-6459,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-2476.",Oracle,Virtualization,,,0.007459999993443489,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-2472,https://securityvulnerability.io/vulnerability/CVE-2014-2472,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2474, CVE-2014-2476, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-2473,https://securityvulnerability.io/vulnerability/CVE-2014-2473,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv) and SGD SSL Daemon (ttassl).,Oracle,Virtualization,,,0.0023499999660998583,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-2476,https://securityvulnerability.io/vulnerability/CVE-2014-2476,,"Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-6459.",Oracle,Virtualization,,,0.0023499999660998583,false,false,false,false,,false,false,2014-10-15T15:15:00.000Z,0
CVE-2014-4232,https://securityvulnerability.io/vulnerability/CVE-2014-4232,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463.",Oracle,"Virtualization,Virtualization Secure Global Desktop",,,0.00343000004068017,false,false,false,false,,false,false,2014-07-17T02:36:00.000Z,0
CVE-2014-2463,https://securityvulnerability.io/vulnerability/CVE-2014-2463,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-4232.",Oracle,Virtualization,,,0.0013500000350177288,false,false,false,false,,false,false,2014-04-16T02:05:00.000Z,0
CVE-2014-2439,https://securityvulnerability.io/vulnerability/CVE-2014-2439,,Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.,Oracle,Virtualization,,,0.0016799999866634607,false,false,false,false,,false,false,2014-04-16T02:05:00.000Z,0
CVE-2014-0419,https://securityvulnerability.io/vulnerability/CVE-2014-0419,,"Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications.",Oracle,Virtualization Secure Global Desktop,,,0.010400000028312206,false,false,false,false,,false,false,2014-01-15T02:50:00.000Z,0
CVE-2013-3834,https://securityvulnerability.io/vulnerability/CVE-2013-3834,,Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv.,Oracle,Virtualization,,,0.00215999991632998,false,false,false,false,,false,false,2013-10-16T15:55:00.000Z,0
CVE-2013-3779,https://securityvulnerability.io/vulnerability/CVE-2013-3779,,"Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.",Oracle,"Virtualization,Vm Virtualbox",,,0.006730000022798777,false,false,false,false,,false,false,2013-07-17T10:00:00.000Z,0
CVE-2013-3782,https://securityvulnerability.io/vulnerability/CVE-2013-3782,,Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.,Oracle,Virtualization,,,0.00343000004068017,false,false,false,false,,false,false,2013-07-17T10:00:00.000Z,0