Oracle Database Server vulnerabilities

502 known vulnerabilities affecting oracle/database_server.

Total CVEs: 502
CISA KEV: 0
Public exploits: 25
Exploited in wild: 0
Severity breakdown: CRITICAL 112, HIGH 71, MEDIUM 250, LOW 69

Vulnerabilities

Page 1 of 26
CVE-2026-21939 | HIGH | CVSS 7.0 | ≥ 23.4, ≤ 23.26 | 2026-01-20
Vulnerability in the SQLcl component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.0. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where SQLcl executes to compromise SQLcl. Successful attacks require human interaction from a person other than the attacker. Successful att
nvd
CVE-2025-53047 | MEDIUM | CVSS 5.8 | CWE-200 | ≥ 19.3, ≤ 19.28; ≥ 21.3, ≤ 21.19; +1 more | 2025-10-21
Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Bonjour to compromise Portable Clusterware. While the vulnerability is in Portable Clusterware, attacks
nvd
CVE-2025-53051 | LOW | CVSS 2.7 | CWE-125 | ≥ 23.4, ≤ 23.9 | 2025-10-21
Vulnerability in the RDBMS Functional Index component of Oracle Database Server. Supported versions that are affected are 23.4-23.9. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise RDBMS Functional Index. Successful attacks of this vulnerability can result in unau
nvd
CVE-2025-61749 | LOW | CVSS 2.7 | CWE-284 | ≥ 23.4, ≤ 23.9 | 2025-10-21
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 23.4-23.9. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorized update, inse
nvd
CVE-2025-30751 | HIGH | CVSS 8.8 | CWE-863 | ≥ 19.3, ≤ 19.27; ≥ 23.4, ≤ 23.8 | 2025-07-15
Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Oracle Database. Successful attacks of this vulnerabil
nvd
CVE-2025-50070 | MEDIUM | CVSS 5.3 | CWE-284 | ≥ 23.4, ≤ 23.8 | 2025-07-15
Vulnerability in the JDBC component of Oracle Database Server. Supported versions that are affected are 23.4-23.8. Difficult to exploit vulnerability allows low privileged attacker having Authenticated OS User privilege with logon to the infrastructure where JDBC executes to compromise JDBC. Successful attacks require human interaction from a person
nvd
CVE-2025-50066 | LOW | CVSS 2.7 | CWE-269 | ≥ 19.3, ≤ 19.27; ≥ 21.3, ≤ 21.18; +1 more | 2025-07-15
Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMS_REDEFINITION privilege with network access via Oracle Net to compromise Oracle Database Materia
nvd
CVE-2025-30750 | LOW | CVSS 2.4 | CWE-863 | ≥ 19.3, ≤ 19.27; ≥ 21.3, ≤ 21.18; +1 more | 2025-07-15
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks require human interaction
nvd
CVE-2024-21233 | MEDIUM | CVSS 4.3 | CWE-203 | ≥ 19.3, ≤ 19.24; ≥ 21.3, ≤ 21.15; +2 more | 2024-10-15
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database Core. Successful attacks of this
nvd
CVE-2024-21251 | LOW | CVSS 3.1 | CWE-203 | ≥ 19.3, ≤ 19.24; ≥ 21.3, ≤ 21.15; +1 more | 2024-10-15
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerab
nvd
CVE-2024-21184 | HIGH | CVSS 7.2 | CWE-250 | ≥ 19.3, ≤ 19.23 | 2024-07-16
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks of this
nvd
CVE-2024-21126 | MEDIUM | CVSS 5.8 | CWE-400 | ≥ 19.3, ≤ 19.23; ≥ 21.3, ≤ 21.14 | 2024-07-16
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via DNS to compromise Oracle Database Portable Clusterware. While the vulnerability is in Oracle Databa
nvd
CVE-2024-21174 | LOW | CVSS 3.1 | CWE-770 | ≥ 19.3, ≤ 19.23; ≥ 21.3, ≤ 21.14; +1 more | 2024-07-16
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability
nvd
CVE-2024-21123 | LOW | CVSS 2.3 | CWE-276 | ≥ 19.3, ≤ 19.23 | 2024-07-16
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with logon to the infrastructure where Oracle Database Core executes to compromise Oracle Database Core. Successful attacks of this v
nvd
CVE-2024-21066 | MEDIUM | CVSS 4.2 | CWE-79 | ≥ 19.3, ≤ 19.22; ≥ 21.3, ≤ 21.13 | 2024-04-16
Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with logon to the infrastructure where RDBMS executes to compromise RDBMS. Successful attacks require human interaction
nvd
CVE-2024-21058 | MEDIUM | CVSS 4.9 | ≥ 19.3, ≤ 19.22; ≥ 21.3, ≤ 21.13 | 2024-04-16
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorize
nvd
CVE-2024-20995 | LOW | CVSS 2.4 | CWE-404 | ≥ 19.3, ≤ 19.22; ≥ 21.3, ≤ 21.13 | 2024-04-16
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Oracle Database Sharding. Successful attacks require human interacti
nvd
CVE-2024-20903 | MEDIUM | CVSS 6.5 | ≥ 19.3, ≤ 19.21; ≥ 21.3, ≤ 21.12 | 2024-02-17
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result i
nvd
CVE-2023-22096 | MEDIUM | CVSS 4.3 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result i
nvd
CVE-2023-22071 | MEDIUM | CVSS 5.9 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utl_http privilege with network access via Oracle Net to compromise PL/SQL. Successful attacks require human interaction fr
nvd