CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core) affects versions V15 and V16. It allows an easily exploitable attack by an unauthenticated attacker with network access via HTTPS, potentially leading to unauthorized creation, deletion, or modification of critical data.
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite, affecting the Home Page component. Supported versions 12.2.3-12.2.15 are easily exploitable by a low privileged attacker with network access via HTTPS.
Vulnerability in JD Edwards EnterpriseOne Accounts Payable (version 9.2) allows a low-privileged attacker via HTTP to unauthorized create, delete, or modify critical data and gain full access to all Accounts Payable data.
Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM affects the Database Upgrade component. This flaw is easily exploitable by a low-privileged attacker with local access to the infrastructure where Siebel CRM Deployment runs. Successful exploitation can lead to full takeover of Siebel CRM Deployment.
Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows a low privileged attacker with network access via HTTP to compromise the application. Versions 17.0-26.5 are affected by this easily exploitable vulnerability.
Vulnerability in Oracle Siebel CRM Integration product (EAI component) allows a low-privileged attacker with network access via HTTP to take over the system. Affects versions 17.0-26.5 with a high CVSS score of 8.8.
Vulnerability in the Oracle VM VirtualBox product (component: VMSVGA device) in version 7.2.8. It allows a high privileged attacker with access to the infrastructure to compromise Oracle VM VirtualBox, which may significantly impact additional products.
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code) allows a low privileged attacker with network access to compromise MySQL Shell. Attacks may significantly impact additional products.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting the Extensibility Framework component, exists in versions 13.5 and 24.1. Easily exploitable vulnerability allows a high privileged attacker with network access via HTTPS to compromise Oracle Enterprise Manager Base Platform.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, related to the Extensibility Framework component. Easily exploitable vulnerability allows a high privileged attacker with network access via HTTPS to compromise Oracle Enterprise Manager Base Platform.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, allows an unauthenticated attacker with network access via HTTPS to compromise the platform, potentially leading to hangs or frequent crashes and unauthorized access to data.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, related to the Extensibility Framework component. It allows an easily exploitable attack by a high privileged attacker with access to the infrastructure where Oracle Enterprise Manager Base Platform runs.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting the Agent Next Gen component, impacts versions 13.5 and 24.1. It allows an easily exploitable attack by a low privileged attacker with network access via SSH, potentially leading to takeover of the Oracle Enterprise Manager Base Platform.
Vulnerability in MySQL Server and MySQL Cluster that allows an unauthenticated attacker with network access via multiple protocols to compromise the system. An attacker can cause hangs or frequent crashes of the server, leading to complete denial of service.
Vulnerability in the MySQL Router product of Oracle MySQL allows an unauthenticated attacker with network access via TLS to compromise MySQL Router. Successful attacks can result in hanging or frequently repeatable crashes (complete DOS) of MySQL Router.
Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle, affecting the security component. It allows an unauthenticated attacker with network access via HTTP to take control of the system.
Vulnerability in the PeopleSoft Enterprise CS Student Financials product of Oracle, version 9.2.38, allows a low privileged attacker with network access via HTTP to compromise the system. Successful attacks can lead to unauthorized creation, deletion, or modification of critical data.
Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console) allows a low privileged attacker with logon to the infrastructure where WebLogic Server executes to compromise the server. Successful attacks require human interaction and may significantly impact additional products.
A vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server) allows easy exploitation by a low privileged attacker with network access via HTTP. Successful attacks can lead to unauthorized creation, deletion, or modification of critical data.
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server) allows easy exploitation by an unauthenticated attacker with network access via HTTPS. Successful attacks can lead to unauthorized access to critical data and complete access to all data accessible in Oracle WebCenter Content.

