CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21246
https://notcve.org/view.php?id=CVE-2024-21246
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Service Bus. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Service Bus accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-862: Missing Authorization •
CVSS: 2.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21244
https://notcve.org/view.php?id=CVE-2024-21244
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 2.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21243
https://notcve.org/view.php?id=CVE-2024-21243
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21242
https://notcve.org/view.php?id=CVE-2024-21242
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML Database. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of XML Database. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21241
https://notcve.org/view.php?id=CVE-2024-21241
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2024.html •