Vulnerabilities > Oracle > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-2034 | Unspecified vulnerability in Oracle Common Applications Calendar 12.1.1/12.1.2/12.1.3 Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). | 8.2 |
| 2021-01-20 | CVE-2021-2027 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). | 8.2 |
| 2021-01-20 | CVE-2021-2026 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). | 8.2 |
| 2021-01-20 | CVE-2021-2025 | Unspecified vulnerability in Oracle Business Intelligence Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). | 8.2 |
| 2021-01-20 | CVE-2021-2018 | Unspecified vulnerability in Oracle products Vulnerability in the Advanced Networking Option component of Oracle Database Server. | 8.3 |
| 2021-01-20 | CVE-2021-2015 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). | 8.2 |
| 2021-01-20 | CVE-2021-2013 | Unspecified vulnerability in Oracle Business Intelligence Publisher Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). | 7.6 |
| 2021-01-20 | CVE-2021-1997 | Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 9.1 Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Report). | 8.1 |
| 2021-01-19 | CVE-2021-20190 | Deserialization of Untrusted Data vulnerability in multiple products A flaw was found in jackson-databind before 2.9.10.7. | 8.1 |
| 2021-01-07 | CVE-2020-36183 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. | 8.1 |