CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21188
https://notcve.org/view.php?id=CVE-2024-21188
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Supported versions that are affected are 6.0.0.0.0 and 6.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Revenue Management and Billing, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Revenue Management and Billing accessible data as well as unauthorized read access to a subset of Oracle Financial Services Revenue Management and Billing accessible data. • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21185
https://notcve.org/view.php?id=CVE-2024-21185
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38, 8.4.1 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21184
https://notcve.org/view.php?id=CVE-2024-21184
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks of this vulnerability can result in takeover of Oracle Database RDBMS Security. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21183
https://notcve.org/view.php?id=CVE-2024-21183
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21182
https://notcve.org/view.php?id=CVE-2024-21182
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •