| CVE ID | CVSS3.1 | Exploitable | Vendor | Product | Vulnerability | Date added |
|---|---|---|---|---|---|---|
| CVE-2025-61757 | 9.8 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability | 2025-11-21 00:00:00 |
| CVE-2025-61884 | 7.5 | True | Oracle | E-Business Suite | Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability | 2025-10-20 00:00:00 |
| CVE-2025-61882 | 9.8 | True | Oracle | E-Business Suite | Oracle E-Business Suite Unspecified Vulnerability | 2025-10-06 00:00:00 |
| CVE-2024-20953 | 8.8 | True | Oracle | Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability | 2025-02-24 00:00:00 |
| CVE-2020-2883 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability | 2025-01-07 00:00:00 |
| CVE-2024-21287 | 7.5 | True | Oracle | Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability | 2024-11-21 00:00:00 |
| CVE-2022-21445 | 9.8 | True | Oracle | ADF Faces | Oracle ADF Faces Deserialization of Untrusted Data Vulnerability | 2024-09-18 00:00:00 |
| CVE-2020-14644 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability | 2024-09-18 00:00:00 |
| CVE-2017-3506 | 7.4 | True | Oracle | WebLogic Server | Oracle WebLogic Server OS Command Injection Vulnerability | 2024-06-03 00:00:00 |
| CVE-2020-2551 | 9.8 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability | 2023-11-16 00:00:00 |
| CVE-2016-3427 | 9.8 | True | Oracle | Java SE and JRockit | Oracle Java SE and JRockit Unspecified Vulnerability | 2023-05-12 00:00:00 |
| CVE-2023-21839 | 7.5 | True | Oracle | WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability | 2023-05-01 00:00:00 |
| CVE-2022-21587 | 9.8 | True | Oracle | E-Business Suite | Oracle E-Business Suite Unspecified Vulnerability | 2023-02-02 00:00:00 |
| CVE-2021-35587 | 9.8 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability | 2022-11-28 00:00:00 |
| CVE-2018-2628 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability | 2022-09-08 00:00:00 |
| CVE-2010-0840 | 9.8 | True | Oracle | Java Runtime Environment (JRE) | Oracle JRE Unspecified Vulnerability | 2022-05-25 00:00:00 |
| CVE-2012-1710 | 9.8 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability | 2022-05-25 00:00:00 |
| CVE-2013-0422 | 9.8 | True | Oracle | Java Runtime Environment (JRE) | Oracle JRE Remote Code Execution Vulnerability | 2022-05-25 00:00:00 |
| CVE-2013-0431 | 5.3 | True | Oracle | Java Runtime Environment (JRE) | Oracle JRE Sandbox Bypass Vulnerability | 2022-05-25 00:00:00 |
| CVE-2013-2423 | 3.7 | True | Oracle | Java Runtime Environment (JRE) | Oracle JRE Unspecified Vulnerability | 2022-05-25 00:00:00 |
| CVE-2019-3010 | 8.8 | True | Oracle | Solaris | Oracle Solaris Privilege Escalation Vulnerability | 2022-05-25 00:00:00 |
| CVE-2012-0518 | 4.7 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability | 2022-03-28 00:00:00 |
| CVE-2012-5076 | 9.8 | True | Oracle | Java SE | Oracle Java SE Sandbox Bypass Vulnerability | 2022-03-28 00:00:00 |
| CVE-2013-2465 | 9.8 | True | Oracle | Java SE | Oracle Java SE Unspecified Vulnerability | 2022-03-28 00:00:00 |
| CVE-2019-2616 | 7.2 | True | Oracle | BI Publisher (Formerly XML Publisher) | Oracle BI Publisher Unauthorized Access Vulnerability | 2022-03-25 00:00:00 |
| CVE-2008-3431 | 8.8 | True | Oracle | VirtualBox | Oracle VirtualBox Insufficient Input Validation Vulnerability | 2022-03-03 00:00:00 |
| CVE-2011-3544 | 9.8 | True | Oracle | Java SE JDK and JRE | Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability | 2022-03-03 00:00:00 |
| CVE-2012-0507 | 9.8 | True | Oracle | Java SE | Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability | 2022-03-03 00:00:00 |
| CVE-2012-1723 | 9.8 | True | Oracle | Java SE | Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability | 2022-03-03 00:00:00 |
| CVE-2012-4681 | 9.8 | True | Oracle | Java SE | Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability | 2022-03-03 00:00:00 |
| CVE-2015-2590 | 9.8 | True | Oracle | Java SE | Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability | 2022-03-03 00:00:00 |
| CVE-2015-4902 | 5.3 | True | Oracle | Java SE | Oracle Java SE Integrity Check Vulnerability | 2022-03-03 00:00:00 |
| CVE-2017-10271 | 7.5 | True | Oracle | WebLogic Server | Oracle Corporation WebLogic Server Remote Code Execution Vulnerability | 2022-02-10 00:00:00 |
| CVE-2020-14864 | 7.5 | True | Oracle | Intelligence Enterprise Edition | Oracle Business Intelligence Enterprise Edition Path Transversal | 2022-01-18 00:00:00 |
| CVE-2019-2725 | 7.5 | True | Oracle | WebLogic Server | Oracle WebLogic Server, Injection | 2022-01-10 00:00:00 |
| CVE-2020-14883 | 7.2 | True | Oracle | WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability | 2021-11-03 00:00:00 |
| CVE-2020-14882 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability | 2021-11-03 00:00:00 |
| CVE-2020-14750 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability | 2021-11-03 00:00:00 |
| CVE-2015-4852 | 9.8 | True | Oracle | WebLogic Server | Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability | 2021-11-03 00:00:00 |
| CVE-2020-14871 | 10.0 | True | Oracle | Solaris and Zettabyte File System (ZFS) | Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability | 2021-11-03 00:00:00 |
| CVE-2012-3152 | 9.1 | True | Oracle | Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability | 2021-11-03 00:00:00 |
| CVE-2020-2555 | 9.8 | True | Oracle | Multiple Products | Oracle Multiple Products Remote Code Execution Vulnerability | 2021-11-03 00:00:00 |
AVET INS is an owner of VULNDBASE brand and website. This product uses data from the NVD API but is not endorsed or certified by the NVD. See NVD page for more information. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE page. KEV (Known Exploited Vulnerabilities) is a catalog maintained by CISA. EUVD is the official EU repository for timely, curated cybersecurity vulnerability intelligence and remediation guidance run by ENISA. DORA (Digital Operational Resilience Act) is and EU directive.
Copyright AVET INS 1997 - 2026