CVE Daily
← All tags

Tag: Unauthenticated/Unauthorized Access

All CVEs associated with "Unauthenticated/Unauthorized Access". Page 83/128 • 15328 CVEs.

Subscribe CVEs: RSS for “Unauthenticated/Unauthorized Access”  ·  RSS (High+Critical only)

About “Unauthenticated/Unauthorized Access”

A curated feed of “Unauthenticated/Unauthorized Access”-related CVEs appears below. We currently track 15328 CVEs for this tag (all time). In the last 365 days, 3832 were published. Average CVSS is 7.4 (all time; 7.4 over 365d), and 61% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-862 - Missing Authorization, CWE-306 - Missing Authentication for Critical Function, CWE-639 - Authorization Bypass Through User-Controlled Key.

In our taxonomy this topic maps to a HIGH impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2021-04-22
High

CVE-2021-2292

Vulnerability in the Oracle Document Management and Collaboration product of Oracle E-Business Suite (component: Document Management). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2021-2291

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows low…

CVSS: 4.7 CWE: N/A View on NVD
High

CVE-2021-2290

Vulnerability in the Oracle Engineering product of Oracle E-Business Suite (component: Change Management). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitabl…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2289

Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Template, GTIN search). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploi…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2288

Vulnerability in the Oracle Bills of Material product of Oracle E-Business Suite (component: Bill Issues). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability all…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2287

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2286

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2285

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2284

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2283

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2282

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2281

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2280

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauth…

CVSS: 7.1 CWE: N/A View on NVD
High

CVE-2021-2279

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows unau…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2277

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easil…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-2276

Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2021-2275

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable v…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2021-2274

Vulnerability in the Oracle E-Business Tax product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitabl…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2273

Vulnerability in the Oracle Legal Entity Configurator product of Oracle E-Business Suite (component: Create Contracts). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2272

Vulnerability in the Oracle Subledger Accounting product of Oracle E-Business Suite (component: Inquiries). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability al…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2271

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Resource Exceptions). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2270

Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Sites). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privile…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2269

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price Book). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2268

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: Courseware). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low pri…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2267

Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2021-2266

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high p…

CVSS: 6.0 CWE: N/A View on NVD
High

CVE-2021-2264

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows low pr…

CVSS: 8.4 CWE: N/A View on NVD
High

CVE-2021-2263

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Intelligence, RFx). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2262

Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite (component: Endeca). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2261

Vulnerability in the Oracle Lease and Finance Management product of Oracle E-Business Suite (component: Quotes). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily expl…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2260

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: iRecruitment). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2259

Vulnerability in the Oracle Payables product of Oracle E-Business Suite (component: India Localization, Results). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exp…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2258

Vulnerability in the Oracle Projects product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
Critical

CVE-2021-2256

Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway (component: Management Console). The supported version that is affected is Prior to 16.3.1.4.2. Easily e…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2021-2255

Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component: Authoring). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allow…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2254

Vulnerability in the Oracle Project Contracts product of Oracle E-Business Suite (component: Hold Management). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability…

CVSS: 8.1 CWE: N/A View on NVD
Critical

CVE-2021-2253

Vulnerability in the Oracle Advanced Supply Chain Planning product of Oracle Supply Chain (component: Core). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability a…

CVSS: 9.1 CWE: N/A View on NVD
High

CVE-2021-2252

Vulnerability in the Oracle Loans product of Oracle E-Business Suite (component: Loan Details, Loan Accounting Events). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Data Source). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitabl…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2249

Vulnerability in the Oracle Landed Cost Management product of Oracle E-Business Suite (component: Shipment Workbench). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easil…

CVSS: 8.1 CWE: N/A View on NVD
Critical

CVE-2021-2248

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthen…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2021-2247

Vulnerability in the Oracle Advanced Collections product of Oracle E-Business Suite (component: Admin). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable v…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2246

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.1.1-12.1.3. Easil…

CVSS: 8.1 CWE: N/A View on NVD
Critical

CVE-2021-2244

Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: JAPI) and Essbase Analytic Provider Services product of Oracle Essbase (component: JAPI). Supported ver…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2021-2242

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerabilit…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2241

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low p…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2240

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerabilit…

CVSS: 7.3 CWE: N/A View on NVD
High

CVE-2021-2239

Vulnerability in the Oracle Time and Labor product of Oracle E-Business Suite (component: Timecard). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2238

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Process Operations). The supported version that is affected is 12.1.3. Easily exploitable vuln…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2237

Vulnerability in the Oracle General Ledger product of Oracle E-Business Suite (component: Account Hierarchy Manager). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulner…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2236

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Advanced Global Intercompany). Supported versions that are affected are 12.1.1-12.1.3. Easily expl…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2235

Vulnerability in the Oracle Transportation Execution product of Oracle E-Business Suite (component: Install and Upgrade). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vu…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2233

Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite (component: Setup). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploi…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2231

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileg…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2229

Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite (component: LOVs). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low priv…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2228

Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitab…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2227

Vulnerability in the Oracle Cash Management product of Oracle E-Business Suite (component: Bank Account Transfer). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerabi…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2021-2226

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable v…

CVSS: 4.9 CWE: N/A View on NVD
High

CVE-2021-2225

Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerabilit…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2224

Vulnerability in the Oracle Compensation Workbench product of Oracle E-Business Suite (component: Compensation Workbench). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable v…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2223

Vulnerability in the Oracle Receivables product of Oracle E-Business Suite (component: Receipts). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low p…

CVSS: 8.1 CWE: N/A View on NVD
High

CVE-2021-2222

Vulnerability in the Oracle Bill Presentment Architecture product of Oracle E-Business Suite (component: Template Search). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. E…

CVSS: 8.1 CWE: N/A View on NVD
Critical

CVE-2021-2221

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthen…

CVSS: 9.6 CWE: N/A View on NVD
High

CVE-2021-2218

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Health Center). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerabi…

CVSS: 8.3 CWE: N/A View on NVD
Medium

CVE-2021-2216

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Multichannel Framework). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitab…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2021-2214

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2021-2211

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.…

CVSS: 5.9 CWE: N/A View on NVD
High

CVE-2021-2210

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Quotes). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vuln…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2209

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable…

CVSS: 8.5 CWE: N/A View on NVD
High

CVE-2021-2206

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Quotes). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vuln…

CVSS: 8.2 CWE: N/A View on NVD
Critical

CVE-2021-2205

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerabili…

CVSS: 9.1 CWE: N/A View on NVD
Medium

CVE-2021-2204

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0…

CVSS: 5.3 CWE: N/A View on NVD
Critical

CVE-2021-2200

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Home page). The supported version that is affected is 12.2.10. Easily exploitable vulnerability allow…

CVSS: 9.1 CWE: N/A View on NVD
High

CVE-2021-2199

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2198

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploi…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2197

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2195

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite (component: Attribute Admin Setup). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploi…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2190

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Template). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulne…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-2189

Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Template). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulne…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-2188

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2187

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2186

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2185

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2184

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2183

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2182

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2021-2181

Vulnerability in the Oracle Document Management and Collaboration product of Oracle E-Business Suite (component: Attachments). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easi…

CVSS: 7.6 CWE: N/A View on NVD
Critical

CVE-2021-2177

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Gateway). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthe…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2021-2163

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2021-2161

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.…

CVSS: 5.9 CWE: N/A View on NVD
High

CVE-2021-2157

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: TopLink Integration). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2021-2156

Vulnerability in the Oracle Customers Online product of Oracle E-Business Suite (component: Customer Tab). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulne…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2021-2155

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploit…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2021-2153

Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses). Supported versions that are affected are 12.2.3-12.2.10. Easily exploitable vulnerabilit…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2021-2150

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnera…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2021-2142

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows una…

CVSS: 6.1 CWE: N/A View on NVD
Medium

CVE-2021-2140

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Rules Framework). Supported versions that are affec…

CVSS: 6.1 CWE: N/A View on NVD
Critical

CVE-2021-2136

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily e…

CVSS: 9.8 CWE: N/A View on NVD
Critical

CVE-2021-2135

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easil…

CVSS: 9.8 CWE: N/A View on NVD
Medium

CVE-2021-2053

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: UI Framework). The supported version that is affected is 13.4.0.0. Easily exploitable vulnerabil…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2021-2008

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). The supported version that is affected are 11.1.1.9 and 12.2.1.3 Ea…

CVSS: 7.3 CWE: N/A View on NVD
High

CVE-2021-0268

An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, wh…

CVSS: 8.8 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2021-0261

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated a…

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2021-0260

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read…

CVSS: 7.3 CWE: CWE-285 - Improper Authorization View on NVD
High

CVE-2021-0232

An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registe…

CVSS: 7.4 CWE: CWE-284 - Improper Access Control View on NVD
High

CVE-2021-20590

Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 mode…

CVSS: 7.5 CWE: CWE-287 - Improper Authentication View on NVD
2021-04-21
Critical

CVE-2021-21427

Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized ac…

CVSS: 9.1 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2021-04-20
High

CVE-2020-7857

A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of improper classes. This issue affects: To…

CVSS: 7.5 CWE: CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') View on NVD
Critical

CVE-2021-28827

The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for…

CVSS: 9.6 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
High

CVE-2020-7856

A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.

CVSS: 7.5 CWE: CWE-287 - Improper Authentication View on NVD
2021-04-19
High

CVE-2021-20990

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal management service is accessible on port 8000 and some API endpoints could be accessed without authenticatio…

CVSS: 7.5 CWE: CWE-306 - Missing Authentication for Critical Function View on NVD
2021-04-16
High

CVE-2020-9668

Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privile…

CVSS: 7.8 CWE: CWE-284 - Improper Access Control View on NVD
2021-04-15
High

CVE-2021-28549

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could lever…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2021-28548

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could lever…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2021-21100

Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to ac…

CVSS: 7.8 CWE: CWE-379 - Creation of Temporary File in Directory with Insecure Permissions View on NVD
High

CVE-2021-21095

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this v…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2021-21094

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could lever…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2021-21093

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage…

CVSS: 7.8 CWE: CWE-788 - Access of Memory Location After End of Buffer View on NVD
High

CVE-2021-21092

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage…

CVSS: 7.8 CWE: CWE-788 - Access of Memory Location After End of Buffer View on NVD
Low

CVE-2021-21091

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vu…

CVSS: 3.3 CWE: CWE-125 - Out-of-bounds Read View on NVD