CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30726
https://notcve.org/view.php?id=CVE-2025-30726
15 Apr 2025 — Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2025-30722
https://notcve.org/view.php?id=CVE-2025-30722
15 Apr 2025 — Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete acces... • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30721
https://notcve.org/view.php?id=CVE-2025-30721
15 Apr 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequentl... • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30720
https://notcve.org/view.php?id=CVE-2025-30720
15 Apr 2025 — Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Orders). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Configurator, attacks may significantly impact additional products (scope change). Successful attacks of ... • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30718
https://notcve.org/view.php?id=CVE-2025-30718
15 Apr 2025 — Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data as well as unauthorized read access... • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30717
https://notcve.org/view.php?id=CVE-2025-30717
15 Apr 2025 — Vulnerability in the Oracle Teleservice product of Oracle E-Business Suite (component: Service Diagnostics Scripts). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Teleservice. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Teleservice accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30716
https://notcve.org/view.php?id=CVE-2025-30716
15 Apr 2025 — Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data. CVSS 3.1 Base Score 7.5 (Confi... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30715 – Ubuntu Security Notice USN-7479-1
https://notcve.org/view.php?id=CVE-2025-30715
15 Apr 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30714
https://notcve.org/view.php?id=CVE-2025-30714
15 Apr 2025 — Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors acces... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30711
https://notcve.org/view.php?id=CVE-2025-30711
15 Apr 2025 — Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional ... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •