Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Oracle — Vulnerabilities & Security Advisories 224

Browse all 224 CVE security advisories affecting Oracle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Oracle Corporation primarily develops enterprise software, databases, and cloud computing services, serving as critical infrastructure for numerous global organizations. With 224 recorded CVEs, its attack surface reflects the complexity of large-scale, legacy-heavy systems. Historically, vulnerabilities frequently involve remote code execution and privilege escalation, often stemming from inadequate input validation or improper access controls within its middleware and database components. Cross-site scripting and information disclosure also appear regularly, highlighting persistent weaknesses in web-facing interfaces. Notable incidents include critical flaws in WebLogic Server and Java SE, which allowed attackers to bypass security mechanisms or execute arbitrary commands. These issues underscore the risks associated with maintaining extensive, interconnected enterprise environments. The high volume of disclosed vulnerabilities suggests that while Oracle maintains rigorous development practices, the sheer scale and age of its codebase present ongoing challenges for comprehensive security hygiene and patch management across its diverse product portfolio.

Found 14 results / 224Clear Filters
Top products by Oracle: Advanced Outbound Telephony Marketing One-to-One Fulfillment MySQL Server Java SE FLEXCUBE Universal Banking Outside In Technology FLEXCUBE Investor Servicing FLEXCUBE Private Banking Knowledge Management GlassFish Server PeopleSoft Enterprise PT PeopleTools MySQL Cluster VM VirtualBox Partner Management FLEXCUBE Core Banking Solaris Operating System Customer Interaction History CRM Technical Foundation Universal Work Queue iSupport Common Applications Siebel UI Framework Email Center Oracle Database Primavera P6 Enterprise Project Portfolio Management Service Fulfillment Manager FLEXCUBE Direct Banking Customer Intelligence FLEXCUBE Enterprise Limits and Collateral Management
HighCVE-2026-352732026-06-14
Oracle Security Alert Advisory - CVE-2026-35273
Medium2026-06-13
Java内置Base64类拒绝服务漏洞及POC分析
Unknown2026-06-13
Java Base64 DoS漏洞原理及POC验证
Medium2026-06-03
Java Xerces Base64 拒绝服务漏洞 (DoS) 分析及 POC
Medium2026-06-03
Java Base64内部类DoS漏洞利用代码与修复指南
Critical2026-06-03
Oracle Critical Security Patch Update Advisory - May 2026
CriticalUSN-8363-12026-06-02
USN-8363-1: MySQL vulnerabilities | Ubuntu security notices | Ubuntu
MediumCVE-2006-02722025-11-19
VU#891644 - Oracle Database XML Database SQL Injection vulnerability
HighVU#4461002025-11-14
VU#446100 - Oracle CREATE_CHANGE_TABLE procedure vulnerable to PL/SQL injection
CriticalCVE-2022-212862025-11-13
ZDI-22-088 | Zero Day Initiative
CriticalCVE-2010-35942025-11-13
ZDI-11-016 | Zero Day Initiative
MediumCVE-2015-26062025-11-11
ZDI-15-352 | Zero Day Initiative
Critical2025-11-10
Oracle Critical Patch Update - January 2011
HighVU#1505082025-11-09
VU#150508 - Oracle E-Business Suite Applications Technology Stack vulnerability
CriticalDSA-2581-12025-11-09
[SECURITY] [DSA 2581-1] mysql-5.1 security update
MediumCVE-2022-213232025-11-09
ZDI-22-108 | Zero Day Initiative
HighCVE-2018-117762025-11-08
Oracle Security Alert Advisory - CVE-2018-11776
Unknown2025-11-08
Oracle Solaris Third Party Bulletin - October 2016
HighCVE-2017-36292025-11-07
Oracle Security Alert for CVE-2017-3629
HighCVE-2016-04872025-11-06
ZDI-16-033 | Zero Day Initiative

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with Oracle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.