Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-2150 | Unspecified vulnerability in Oracle Istore Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). network oracle | 5.8 |
| 2021-04-22 | CVE-2021-2146 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). | 4.9 |
| 2021-04-22 | CVE-2021-2145 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local oracle | 4.4 |
| 2021-04-22 | CVE-2021-2144 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). | 6.5 |
| 2021-04-22 | CVE-2021-2142 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). network oracle | 5.8 |
| 2021-04-22 | CVE-2021-2140 | Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Rules Framework). network oracle | 5.8 |
| 2021-04-22 | CVE-2021-2134 | Unspecified vulnerability in Oracle Enterprise Manager 12.2.1.4 Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). | 4.0 |
| 2021-04-22 | CVE-2021-2053 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.4.0.0 Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: UI Framework). network oracle | 5.8 |
| 2021-04-22 | CVE-2021-28168 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. | 5.5 |
| 2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |