These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-35253 is a medium-severity vulnerability in Oracle's Macoron Tool, published on 2026-05-06 and last modified on 2026-05-10. The NVD entry identifies version v0.22.0 as affected and describes an unauthenticated network-access attack over HTTP that can cause the tool to fail host address validation. The record was still listed as "Undergoing Analysis" in the provided source corpus at the time of th [truncated]
CVE-2026-34314 is a vulnerability in Oracle Financial Services Analytical Applications Infrastructure (Platform component) that Oracle and NVD describe as affecting supported versions 8.0.7.9, 8.0.8.7, and 8.1.2.5. The published impact is serious for data security: a low-privileged attacker with network access via HTTP may be able to compromise the application and create, delete, or modify critical data, [truncated]
CVE-2025-61757 is a high-priority Oracle Fusion Middleware issue involving missing authentication for a critical function. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-11-21, so organizations should treat it as urgent and validate exposure immediately. The supplied source metadata points to Oracle guidance in the October 2025 critical patch update and to the NVD record for further detail.
CVE-2025-61884 is a server-side request forgery (SSRF) vulnerability in Oracle E-Business Suite. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-10-20, which means the issue is confirmed to be under active exploitation. CISA also marks it as having known ransomware campaign use, making this a high-priority issue for defenders running Oracle E-Business Suite.
CVE-2025-61882 is a CISA Known Exploited Vulnerabilities (KEV) entry affecting Oracle E-Business Suite. The supplied corpus identifies it as an unspecified vulnerability and states that it has known exploitation, including known ransomware campaign use. Because this vulnerability is already in CISA's KEV catalog, defenders should treat it as a high-priority remediation item and follow Oracle's mitigation [truncated]
CVE-2024-20953 is an Oracle Agile Product Lifecycle Management (PLM) deserialization vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-02-24. Because it is in KEV, defenders should treat it as actively exploited and prioritize Oracle’s vendor guidance and any available mitigations.
CVE-2020-2883 is a CISA Known Exploited Vulnerability affecting Oracle WebLogic Server. In the supplied KEV record, CISA added it on 2025-01-07 and set a remediation due date of 2025-01-28. The entry classifies the issue as an unspecified vulnerability and directs defenders to apply vendor mitigations or discontinue use of the product if mitigations are unavailable.
CVE-2024-21287 is an Oracle Agile Product Lifecycle Management (PLM) incorrect authorization vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2024-11-21. Because it is listed in KEV, affected organizations should treat it as an active exposure and prioritize Oracle’s vendor guidance, mitigation, or replacement steps if patching is not available.
CVE-2022-21445 affects Oracle ADF Faces and is listed by CISA in the Known Exploited Vulnerabilities catalog as of 2024-09-18. CISA’s guidance for this item is to apply vendor mitigations or discontinue use of the product if mitigations are unavailable. Because KEV inclusion indicates known exploitation, affected Oracle ADF Faces deployments should be treated as a remediation priority rather than a routin [truncated]
CVE-2020-14644 is a CISA Known Exploited Vulnerability affecting Oracle WebLogic Server. Because CISA has added it to the KEV catalog, organizations running WebLogic Server should treat it as a priority remediation item and follow Oracle and CISA guidance without delay.
CVE-2017-3506 is an Oracle WebLogic Server OS command injection vulnerability. CISA listed it in the Known Exploited Vulnerabilities catalog on 2024-06-03 and set a remediation due date of 2024-06-24, making this an urgent priority for WebLogic Server defenders.
CVE-2020-2551 is an Oracle Fusion Middleware unspecified vulnerability that CISA has added to its Known Exploited Vulnerabilities catalog. Because CISA classifies it as known exploited, defenders should treat remediation as urgent even though the supplied corpus does not include technical details, affected versions, or CVSS scoring. CISA’s required action is to apply mitigations per vendor instructions or [truncated]
CVE-2016-3427 is listed by CISA in the Known Exploited Vulnerabilities catalog for Oracle Java SE and JRockit. The public record does not provide a more specific technical breakdown, but it does direct defenders to apply updates per vendor instructions. In the supplied KEV record, CISA added the entry on 2023-05-12 and set a remediation due date of 2023-06-02.
CVE-2023-21839 is an Oracle WebLogic Server vulnerability that CISA has listed in its Known Exploited Vulnerabilities catalog. The public record supplied here does not provide technical specifics or a CVSS score, but it does require defenders to treat affected WebLogic Server deployments as a priority for remediation and to follow vendor update guidance.
CVE-2022-21587 is an Oracle E-Business Suite vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2023-02-02, with a remediation due date of 2023-02-23. The supplied corpus does not include technical details about the flaw, affected versions, or exploitation mechanics, so the safest takeaway is operational: treat it as an actively exploited Oracle E-Business Suite issue and prio [truncated]
CVE-2021-35587 is an Oracle Fusion Middleware vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-11-28. The supplied source material does not describe the exact weakness or impact, so the safest conclusion is that it is a confirmed exploitation risk requiring prompt patching per Oracle's guidance. Because CISA set a remediation due date of 2022-12-19, organizations should [truncated]
CVE-2018-2628 is listed by CISA in the Known Exploited Vulnerabilities catalog for Oracle WebLogic Server, which makes it a high-priority defensive issue even though the supplied corpus labels the weakness only as an "unspecified vulnerability." CISA added the entry on 2022-09-08 and set a remediation due date of 2022-09-29. The source notes point to Oracle's April 2018 CPU advisory, but the corpus does n [truncated]
CVE-2019-3010 is an Oracle Solaris privilege escalation vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-05-25. That KEV listing is the key signal here: it indicates the issue has been observed as exploited and should be treated as a high-priority remediation item. The supplied corpus does not include CVSS scoring, so operational urgency should be driven by the KEV stat [truncated]
CVE-2013-2423 is listed by CISA as a Known Exploited Vulnerability affecting Oracle Java Runtime Environment (JRE). In the supplied corpus, CISA added it to the KEV catalog on 2022-05-25 and set a remediation due date of 2022-06-15, with guidance to apply updates per vendor instructions. Because the source corpus does not provide technical exploitation details or a CVSS score, this should be handled as a [truncated]
CVE-2013-0431 is an Oracle Java Runtime Environment (JRE) sandbox bypass vulnerability. In the supplied record, CISA lists it in the Known Exploited Vulnerabilities catalog, with known ransomware campaign use noted. Because it appears in KEV, defenders should treat it as a priority remediation item and apply vendor updates per Oracle guidance.
CVE-2013-0422 is listed in CISA’s Known Exploited Vulnerabilities catalog as an Oracle Java Runtime Environment (JRE) remote code execution issue. CISA added it on 2022-05-25 and set a remediation due date of 2022-06-15. The supplied source instructs defenders to apply updates per vendor instructions.
CVE-2012-1710 is an Oracle Fusion Middleware vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. The public record provided here does not include the specific flaw type or affected version range, but the KEV listing means defenders should treat it as actively exploited and prioritize remediation using Oracle's update guidance.
CVE-2010-0840 is listed by CISA as a Known Exploited Vulnerability affecting Oracle Java Runtime Environment (JRE). The supplied source corpus does not provide technical exploitation details, but the KEV listing indicates active real-world abuse and makes this a high-priority patching item for environments that still run affected Java runtimes.
CVE-2013-2465 is an Oracle Java SE vulnerability that CISA has listed in its Known Exploited Vulnerabilities catalog. In the supplied source data, CISA marks it as known exploited and notes known ransomware campaign use, which makes this a defensive priority for any environment still running Oracle Java SE or Java-dependent legacy applications.
CVE-2012-5076 is an Oracle Java SE sandbox bypass vulnerability that CISA has included in its Known Exploited Vulnerabilities catalog. For defenders, the main takeaway is operational: treat affected Java SE installations as high priority for patching and follow Oracle’s update guidance. CISA’s KEV entry indicates known exploitation, and the catalog directs organizations to apply updates per vendor instructions.
CVE-2012-0518 is listed by CISA as a Known Exploited Vulnerability for Oracle Fusion Middleware. The public record in this corpus labels it only as an unspecified vulnerability, so the safest response is to treat it as a validated exploitation risk and follow Oracle’s update guidance without delay.
CVE-2019-2616 affects Oracle BI Publisher (formerly XML Publisher) and is described as an unauthorized access vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2022-03-25, which means it should be treated as a known-exploited issue and prioritized for remediation. The supplied corpus does not provide deeper technical root-cause details, affected versions, or exploit conditions.
CVE-2015-4902 is listed by CISA as an Oracle Java SE integrity check vulnerability and is included in the Known Exploited Vulnerabilities catalog. That designation means defenders should treat it as a confirmed exploitation risk and prioritize remediation on any affected systems that still rely on Oracle Java SE.
CVE-2015-2590 is a remote code execution vulnerability affecting Oracle Java SE and Java SE Embedded. CISA lists it in the Known Exploited Vulnerabilities catalog, which makes it a priority remediation item. The safest response is to follow Oracle's update guidance, reduce exposure where possible, and verify that affected Java installations are patched.
CVE-2012-4681 is an Oracle Java SE Runtime Environment (JRE) arbitrary code execution vulnerability that CISA added to the Known Exploited Vulnerabilities (KEV) catalog on 2022-03-03. CISA’s entry also marks it as having known ransomware campaign use. The defensive takeaway is straightforward: this is an actively exploited Oracle Java SE issue, so exposed or still-supported Java deployments should be priorit [truncated]
CVE-2012-1723 is an Oracle Java SE Runtime Environment (JRE) arbitrary code execution vulnerability that CISA lists in the Known Exploited Vulnerabilities catalog. Because it is marked as known exploited, with known ransomware campaign use, it should be treated as a high-priority remediation item wherever Oracle Java SE/JRE remains in use.
CVE-2012-0507 is an Oracle Java SE Runtime Environment (JRE) arbitrary code execution vulnerability that CISA has added to its Known Exploited Vulnerabilities catalog. Because CISA lists it as known exploited and notes known ransomware campaign use, this should be treated as a high-priority remediation item for any environment that still relies on affected Oracle Java SE / JRE deployments. CISA’s catalog [truncated]
CVE-2011-3544 is listed in CISA’s Known Exploited Vulnerabilities catalog for Oracle Java SE JDK and JRE, described there as an Oracle Java SE Runtime Environment (JRE) arbitrary code execution vulnerability. Because CISA marked it as known exploited, organizations should treat remediation as urgent and apply vendor updates per Oracle guidance. The KEV entry was added on 2022-03-03 with a due date of 2022-03-24.
CVE-2008-3431 affects Oracle VirtualBox and is listed by CISA in the Known Exploited Vulnerabilities catalog, which means it has been identified as a vulnerability with known exploitation. The supplied corpus names the issue as an insufficient input validation vulnerability, but does not provide vendor advisory text, affected version range, or patch details. From a defensive standpoint, this is a priority [truncated]
CVE-2017-10271 is a remote code execution vulnerability in Oracle WebLogic Server. CISA added it to the Known Exploited Vulnerabilities catalog on 2022-02-10, marked it as having known ransomware campaign use, and set a remediation due date of 2022-08-10. The supplied corpus does not include a vendor advisory or version-specific impact details, so remediation should follow Oracle’s update guidance and be priorit [truncated]
CVE-2020-14864 is an Oracle Business Intelligence Enterprise Edition path traversal issue that CISA lists in its Known Exploited Vulnerabilities catalog. For defenders, the key signal is not just the vulnerability class, but the fact that it was added to KEV, which means CISA considered it known to be exploited and therefore urgent to address. Oracle BI EE environments should be treated as high-priority a [truncated]
CVE-2019-2725 is an Oracle WebLogic Server injection vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. Because it is marked as known exploited, and the supplied enrichment also notes known ransomware campaign use, organizations running WebLogic Server should treat remediation as urgent and follow Oracle’s update guidance without delay.
CVE-2020-2555 is an Oracle Multiple Products remote code execution vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2021-11-03. The supplied official sources do not provide deeper technical detail, but KEV inclusion means defenders should treat it as an actively exploited issue and prioritize remediation using Oracle’s vendor guidance.
CVE-2020-14883 is an Oracle WebLogic Server vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. The public material provided here does not include technical detail beyond the vulnerability being unspecified, but the KEV entry indicates active exploitation risk significant enough to require patching. CISA’s required action is to apply updates per vendor instructions.
CVE-2020-14882 is identified in the supplied corpus as an Oracle WebLogic Server remote code execution vulnerability. CISA includes it in the Known Exploited Vulnerabilities catalog, which indicates known real-world exploitation. The official defensive guidance in the source set is to apply updates per vendor instructions.
CVE-2020-14871 affects Oracle Solaris and Zettabyte File System (ZFS) and is listed by CISA in the Known Exploited Vulnerabilities catalog. The supplied source corpus does not provide technical details of the flaw, but it does confirm that CISA considers it actively exploited and directs defenders to apply vendor updates.
CVE-2020-14750 is cataloged by CISA as an Oracle WebLogic Server remote code execution vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2021-11-03 and listed a remediation due date of 2022-05-03, which makes it a high-priority issue for any environment running affected WebLogic Server instances. The supplied corpus does not include deeper technical details or CVSS scoring, so [truncated]
CVE-2015-4852 is an Oracle WebLogic Server deserialization of untrusted data vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. Because it is marked as known exploited, organizations running WebLogic Server should treat remediation as urgent and follow Oracle's update guidance.
CVE-2012-3152 is an Oracle Fusion Middleware vulnerability that CISA lists in its Known Exploited Vulnerabilities catalog. The available public metadata is limited and does not describe the flaw in detail, but the KEV listing means defenders should treat it as a confirmed exploitation concern and prioritize vendor-directed remediation.
CVE-2017-5611 is a critical SQL injection vulnerability affecting WordPress before 4.7.2. The issue is in wp-includes/class-wp-query.php within WP_Query, and the CVE description says exploitation depends on an affected plugin or theme that mishandles a crafted post type name. WordPress 4.7.2 is the documented security release in the source corpus.
CVE-2017-3443 is a high-severity Oracle E-Business Suite Common Applications vulnerability in the User Interface subcomponent. Oracle and NVD describe it as network-reachable over HTTP, unauthenticated, and requiring human interaction, with successful attacks capable of exposing critical data and allowing unauthorized data modification in affected Common Applications environments. The issue affects suppor [truncated]
CVE-2017-3442 is a high-severity vulnerability in Oracle E-Business Suite’s Customer Interaction History component, specifically the User Interface subcomponent. Oracle and NVD identify affected supported versions 12.1.1, 12.1.2, and 12.1.3. The issue is network reachable over HTTP and can be exploited by an unauthenticated attacker, but successful attacks require human interaction from someone other than [truncated]
CVE-2017-3441 is a high-severity Oracle Customer Interaction History vulnerability in Oracle E-Business Suite. Oracle states it is easily exploitable over HTTP by an unauthenticated attacker, but successful exploitation requires human interaction. If exploited, the issue can lead to unauthorized access to critical data, full access to Customer Interaction History data, and unauthorized update, insert, or [truncated]
CVE-2017-3440 is a high-severity Oracle Customer Interaction History issue in Oracle E-Business Suite. Oracle’s January 2017 security advisory reference and the NVD record describe it as a network-reachable HTTP vulnerability that can be triggered only with human interaction from someone other than the attacker. If exploited, it can expose critical data and allow unauthorized data changes in the affected [truncated]
CVE-2017-3439 is a high-severity Oracle E-Business Suite issue in the One-to-One Fulfillment user interface component. Oracle’s advisory and the NVD record describe it as easily exploitable over HTTP by an unauthenticated attacker, with successful attacks requiring human interaction. The documented impact includes unauthorized access to critical data and unauthorized update, insert, or delete access to so [truncated]