CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20903
https://notcve.org/view.php?id=CVE-2024-20903
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). • https://www.oracle.com/security-alerts/cpujan2024.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21833
https://notcve.org/view.php?id=CVE-2023-21833
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Object Store). The supported version that is affected is 8.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle ZFS Storage Appliance Kit accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujan2024.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20953 – Oracle Product Lifecycle Management ExportServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20953
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in takeover of Oracle Agile PLM. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpujan2024.html •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20984 – mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024)
https://notcve.org/view.php?id=CVE-2024-20984
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server : Security : Firewall). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). • https://www.oracle.com/security-alerts/cpujan2024.html https://access.redhat.com/security/cve/CVE-2024-20984 https://bugzilla.redhat.com/show_bug.cgi?id=2258793 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20960 – mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024)
https://notcve.org/view.php?id=CVE-2024-20960
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpujan2024.html https://access.redhat.com/security/cve/CVE-2024-20960 https://bugzilla.redhat.com/show_bug.cgi?id=2258771 •