CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM, affecting the Siebel Cloud Manager component. It allows an easily exploitable attack by a low privileged attacker with network access via HTTP, potentially leading to takeover of Siebel CRM Cloud Applications.
Vulnerability in the Siebel CRM Cloud Applications product of Oracle Siebel CRM, affecting versions 17.0-26.5. It allows an unauthenticated attacker with network access via HTTP to compromise Siebel CRM Cloud Applications.
Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite, affecting the Quality Management Specs component. Easily exploitable by a low privileged attacker with network access via HTTP, potentially leading to takeover of Oracle Process Manufacturing Product Development.
Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite, affecting versions 12.2.3-12.2.15. It allows a low privileged attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair and Overhaul.
A vulnerability in the Oracle Solaris product (component: Filesystem) allows a low privileged attacker with logon to the infrastructure to compromise the system. Successful attacks can lead to unauthorized access to critical data and complete denial of service.
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards, concerning business logic infrastructure security. Versions 9.2.0.0-9.2.26.2 are susceptible to easily exploitable attacks that can lead to takeover of JD Edwards EnterpriseOne Tools.
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business Suite (component: Core) affects versions V15 and V16. It allows an easily exploitable attack by an unauthenticated attacker with network access via HTTPS, potentially leading to unauthorized creation, deletion, or modification of critical data.
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite, affecting the Home Page component. Supported versions 12.2.3-12.2.15 are easily exploitable by a low privileged attacker with network access via HTTPS.
Vulnerability in JD Edwards EnterpriseOne Accounts Payable (version 9.2) allows a low-privileged attacker via HTTP to unauthorized create, delete, or modify critical data and gain full access to all Accounts Payable data.
Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM affects the Database Upgrade component. This flaw is easily exploitable by a low-privileged attacker with local access to the infrastructure where Siebel CRM Deployment runs. Successful exploitation can lead to full takeover of Siebel CRM Deployment.
Vulnerability in the Siebel Apps - Marketing product of Oracle Siebel CRM allows a low privileged attacker with network access via HTTP to compromise the application. Versions 17.0-26.5 are affected by this easily exploitable vulnerability.
Vulnerability in Oracle Siebel CRM Integration product (EAI component) allows a low-privileged attacker with network access via HTTP to take over the system. Affects versions 17.0-26.5 with a high CVSS score of 8.8.
Vulnerability in the Oracle VM VirtualBox product (component: VMSVGA device) in version 7.2.8. It allows a high privileged attacker with access to the infrastructure to compromise Oracle VM VirtualBox, which may significantly impact additional products.
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell for VS Code) allows a low privileged attacker with network access to compromise MySQL Shell. Attacks may significantly impact additional products.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting the Extensibility Framework component, exists in versions 13.5 and 24.1. Easily exploitable vulnerability allows a high privileged attacker with network access via HTTPS to compromise Oracle Enterprise Manager Base Platform.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, related to the Extensibility Framework component. Easily exploitable vulnerability allows a high privileged attacker with network access via HTTPS to compromise Oracle Enterprise Manager Base Platform.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, allows an unauthenticated attacker with network access via HTTPS to compromise the platform, potentially leading to hangs or frequent crashes and unauthorized access to data.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting versions 13.5 and 24.1, related to the Extensibility Framework component. It allows an easily exploitable attack by a high privileged attacker with access to the infrastructure where Oracle Enterprise Manager Base Platform runs.
Vulnerability in the Oracle Enterprise Manager Base Platform product, affecting the Agent Next Gen component, impacts versions 13.5 and 24.1. It allows an easily exploitable attack by a low privileged attacker with network access via SSH, potentially leading to takeover of the Oracle Enterprise Manager Base Platform.
Vulnerability in MySQL Server and MySQL Cluster that allows an unauthenticated attacker with network access via multiple protocols to compromise the system. An attacker can cause hangs or frequent crashes of the server, leading to complete denial of service.

