CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30702
https://notcve.org/view.php?id=CVE-2025-30702
15 Apr 2025 — Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. Supported versions that are affected are 19.3-19.26. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Fleet Patching and amp; Provisioning. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Fleet Patching and amp; Provisioning accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2025.html •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30736
https://notcve.org/view.php?id=CVE-2025-30736
15 Apr 2025 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data as well as unauthorized access to critical data or complete access to all Ja... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30733
https://notcve.org/view.php?id=CVE-2025-30733
15 Apr 2025 — Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise RDBMS Listener. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all RDBMS Listener accessible da... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-287: Improper Authentication •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30701
https://notcve.org/view.php?id=CVE-2025-30701
15 Apr 2025 — Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account privilege with network access via Oracle Net to compromise RAS Security. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-30694
https://notcve.org/view.php?id=CVE-2025-30694
15 Apr 2025 — Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account privilege with network access via HTTP to compromise XML Database. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in XML Database, attacks may significantly impact additional products (scope change). Successful ... • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •
CVSS: 4.2EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21553
https://notcve.org/view.php?id=CVE-2025-21553
21 Jan 2025 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.25, 21.3-21.16 and 23.4-23.6. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java VM accessible data as well as unauthorized read access to a subset of Java VM... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-863: Incorrect Authorization •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21251
https://notcve.org/view.php?id=CVE-2024-21251
15 Oct 2024 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java VM accessible data. CVSS 3.1 Base Score 3.1 (Integrity impacts). • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-203: Observable Discrepancy •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21242
https://notcve.org/view.php?id=CVE-2024-21242
15 Oct 2024 — Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML Database. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS... • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21233
https://notcve.org/view.php?id=CVE-2024-21233
15 Oct 2024 — Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database Core. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database Core accessible data. CVSS 3.1 Base Score 4.3 (Integrity imp... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-20227 – Ubuntu Security Notice USN-4732-1
https://notcve.org/view.php?id=CVE-2021-20227
11 Feb 2021 — A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la funcionalidad de consulta SELECT de SQLite (src/select.c). Este fallo permite a un atacante que es capaz de ejecutar consultas SQL localmente en la base... • https://bugzilla.redhat.com/show_bug.cgi?id=1924886 • CWE-416: Use After Free •