Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-07-19 CVE-2022-21540 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
low complexity
oracle fedoraproject debian netapp azul
5.3
2022-07-19 CVE-2022-21541 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
high complexity
oracle fedoraproject debian netapp azul
5.9
2022-07-19 CVE-2022-21549 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle azul fedoraproject debian netapp
5.3
2022-07-19 CVE-2022-21586 Unspecified vulnerability in Oracle Banking Trade Finance 14.5
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure).
network
high complexity
oracle
6.4
2022-06-17 CVE-2022-21503 Unspecified vulnerability in Oracle Cloud Infrastructure
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services.
network
low complexity
oracle
4.0
2022-06-14 CVE-2022-21504 Use After Free vulnerability in Oracle Linux 7/8
The code in UEK6 U3 was missing an appropiate file descriptor count to be missing.
local
low complexity
oracle CWE-416
5.5
2022-06-09 CVE-2022-21499 Out-of-bounds Write vulnerability in multiple products
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown.
local
low complexity
oracle debian CWE-787
6.7
2022-05-19 CVE-2022-22976 Integer Overflow or Wraparound vulnerability in multiple products
Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability.
network
low complexity
vmware oracle netapp CWE-190
5.3
2022-05-16 CVE-2022-25169 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
local
low complexity
apache oracle CWE-770
5.5
2022-05-16 CVE-2022-30126 In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file.
local
low complexity
apache oracle
5.5