Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-53068

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-21 Oct, 2025 | 20:03
Updated At-22 Oct, 2025 | 19:46
Rejected At-
Credits

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:21 Oct, 2025 | 20:03
Updated At:22 Oct, 2025 | 19:46
Rejected At:
▼CVE Numbering Authority (CNA)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Affected Products
Vendor
Oracle CorporationOracle Corporation
Product
Oracle Solaris
Versions
Affected
  • 11 (semver)
Problem Types
TypeCWE IDDescription
N/AN/AEasily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris.
Type: N/A
CWE ID: N/A
Description: Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris.
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.oracle.com/security-alerts/cpuoct2025.html
vendor-advisory
Hyperlink: https://www.oracle.com/security-alerts/cpuoct2025.html
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:21 Oct, 2025 | 20:20
Updated At:24 Oct, 2025 | 14:38

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CPE Matches
Oracle Corporation
oracle
>>solaris>>11
cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-400
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.oracle.com/security-alerts/cpuoct2025.htmlsecalert_us@oracle.com
Vendor Advisory
Hyperlink: https://www.oracle.com/security-alerts/cpuoct2025.html
Source: secalert_us@oracle.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

181Records found
CVE-2018-12207
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 46.84%
||
7 Day CHG-0.02%
Published-14 Nov, 2019 | 19:08
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Action-Not Available
Vendor-n/aopenSUSEOracle CorporationF5, Inc.Fedora ProjectDebian GNU/LinuxIntel CorporationRed Hat, Inc.Canonical Ltd.
Product-xeon_3040xeon_l7555_firmwarexeon_e7-8893_v3xeon_e7420_firmwarexeon_e5-1620_v2_firmwarexeon_e3-1558l_v5xeon_5140_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-2660_v3xeon_e5-2450_v2core_i5-1035g7xeon_e7450core_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e5-2697_v4xeon_d-1527xeon_e5472xeon_x5492_firmwarexeon_x3370_firmwarexeon_w-2125xeon_e7-8890_v3_firmwarexeon_gold_5217_firmwarexeon_e6510xeon_e3-1220_v5_firmwarexeon_e7-8880_v4xeon_e5-2620_v2_firmwarexeon_d-2163it_firmwareceleron_g1610t_firmwarexeon_l7345core_i7-9700xeon_gold_6240_firmwarexeon_gold_6234xeon_e3-1280_v5pentium_gold_g5400txeon_lc5518_firmwarecore_i5-1035g4core_i9-9920x_x-seriesxeon_d-1518xeon_w-2255xeon_e5-1680_v3_firmwarexeon_e5462xeon_e3-1285l_v4_firmwarecore_i5-9600t_firmwarecore_i7-6567u_firmwarexeon_x3380_firmwarexeon_e7-4830_v3_firmwarexeon_gold_6248_firmwareenterprise_linux_servercore_i9-7920xxeon_e5-2683_v4xeon_e5-2608l_v4xeon_e5-1660_v3_firmwarexeon_e-2224xeon_l3110_firmwarexeon_gold_5218celeron_g1830core_i9-7940x_firmwarexeon_d-1567xeon_x5680_firmwarecore_i5-8269u_firmwarecore_i5-6287u_firmwarexeon_e5420xeon_d-2173it_firmwarecore_i5-5350h_firmwarexeon_w-2245xeon_e5-2699_v3xeon_x7350_firmwarexeon_e5620_firmwarecore_i5-8700bxeon_l5215xeon_e3-1240_v5_firmwarecore_i5-5250uxeon_e5-4640_v2xeon_x5472_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e5-4657l_v2xeon_l3426_firmwarecore_i7-5850hqxeon_e7-8870_v4_firmwarexeon_e3-1558l_v5_firmwarexeon_e7-8895_v2_firmwarexeon_e5-2609_v2_firmwarexeon_gold_6240core_i7-6970hqxeon_7150nceleron_g1820te_firmwarexeon_e5-2450l_v2_firmwarecore_i5-9400_firmwarexeon_e7-8893_v4_firmwarexeon_d-2177nt_firmwarecore_i7-8500y_firmwarexeon_e7-4860_v2_firmwarexeon_e5-2667_v4_firmwareceleron_g4930e_firmwarexeon_gold_5218t_xeon_e7-8893_v2xeon_gold_5220s_firmwarexeon_e5520xeon_d-1539core_m3-6y30celeron_g4900txeon_5063_firmwarexeon_e5530_firmwarexeon_w3565core_m-5y31_firmwarexeon_e3-1275_v5_firmwarexeon_x5672xeon_e3-1535m_v5xeon_x5570_firmwareceleron_g3900te_firmwarexeon_l5530_firmwarexeon_e5603xeon_e7-4809_v3xeon_gold_6230_firmwarexeon_d-2146ntceleron_g4932exeon_e5-2609_v2xeon_e3-1268l_v5xeon_7130mxeon_e3110xeon_e7-4820_v3_firmwarexeon_x3210_firmwarexeon_w-2223_firmwarexeon_e3-1260l_v5_firmwarecore_i7-8750hcore_i7-5700hq_firmwarexeon_l5630xeon_e5607_firmwarecore_i3-7100u_firmwarexeon_e5-4669_v4_firmwarexeon_x3220xeon_e5-2680_v2xeon_d-2166ntxeon_e3-1270_v6xeon_e3-1505m_v5xeon_silver_4216xeon_gold_6230xeon_e5-2403_v2_firmwarexeon_w-2195xeon_e5630_firmwareopenshift_container_platformxeon_e5-2628l_v4xeon_e7540_firmwarexeon_e-2276gcore_i5-7267u_firmwarecore_i7-5557u_firmwarexeon_d-2183itxeon_l7455_firmwarecore_i3-5020uxeon_e5-2687w_v2core_i3-7100core_i7-8809gxeon_e5-4667_v3xeon_lc3518_firmwarexeon_e7-4809_v2_firmwarecore_i5-5257ucore_m-5y70xeon_x5677xeon_e3-1230_v6_firmwarecore_i5-7267ucore_i5\+8500xeon_e5220xeon_silver_4208core_m-5y10a_firmwarexeon_e3-1585_v5xeon_l5618_firmwarexeon_e5-2667_v2_firmwarecore_i7-6560uxeon_w-2123core_i5-9400txeon_gold_5220sxeon_platinum_8280m_firmwarecore_i7-5550u_firmwarexeon_platinum_9282core_i5-8300hxeon_x3370xeon_e3-1220_v6_firmwarexeon_e5-2683_v3core_i3-10110yxeon_e5-2637_v2_firmwarexeon_platinum_9242_firmwarexeon_e3-1535m_v6_firmwarexeon_7041xeon_silver_4210xeon_platinum_8256_firmwarexeon_e5649_firmwarexeon_e5420_firmwarexeon_l5240big-ip_application_acceleration_managerxeon_e5-2618l_v4_firmwarepentium_gold_g5500txeon_e5-2650_v3_firmwarexeon_e3-1240l_v5_firmwarexeon_7150n_firmwarexeon_e5-2660_v3_firmwarexeon_platinum_8276mxeon_x3470_firmwarexeon_gold_6238mceleron_g4920xeon_e-2274gcore_i3-6167uxeon_l3360_firmwarecore_i5-9500xeon_d-1540xeon_x3470xeon_e5-1650_v2xeon_e5-2698_v4xeon_e3-1245_v5_firmwarexeon_d-1528core_i7-6500ucore_i7-6500u_firmwarexeon_x3320_firmwareceleron_g3902exeon_e5-4620_v2_firmwarexeon_e3-1280_v6_firmwarexeon_x5260xeon_gold_6230t_firmwarexeon_e5-2620_v3_firmwarexeon_e5-2660_v4xeon_lv_5128_firmwaredebian_linuxxeon_l7345_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_silver_4208_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwarexeon_e-2136_firmwarexeon_e3-1235l_v5_firmwarexeon_e5-2690_v2_firmwarexeon_e5-1660_v2xeon_ec5539core_i7-8565uxeon_e7450_firmwarexeon_x5675xeon_e5-2630_v4_firmwarexeon_e5-2687w_v4core_i9-9980xe_firmwarexeon_l5609_firmwarexeon_e-2274g_firmwarexeon_e7340xeon_e5502_firmwarecore_i5-7300hqcore_i7-7560uxeon_e5-2695_v2_firmwarexeon_e3-1271_v3xeon_gold_6240mxeon_e5-4667_v3_firmwarepentium_gold_g5420txeon_3040_firmwarexeon_e3-1220l_v3_firmwarexeon_x3330core_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259uxeon_e5-2699a_v4_firmwarexeon_d-1529xeon_e3-1265l_v3xeon_x3230core_i9-9900x_x-series_firmwarepentium_gold_g5500xeon_w-3265m_firmwarexeon_e5-4660_v4_firmwarecore_i7-5850hq_firmwarexeon_5040_firmwarexeon_e7-4809_v4xeon_x5690_firmwarecore_i9-7900x_firmwarecore_i7-9850h_firmwarexeon_e5335_firmwarecore_i5-6350hqxeon_e5-2630l_v4_firmwarexeon_gold_5218_firmwarexeon_l7455core_i5-7600tceleron_g1630_firmwareenterprise_linux_server_tusxeon_e5-2618l_v4xeon_l5520_firmwarecore_i5-6350hq_firmwarexeon_e-2224gxeon_5070xeon_w-2135xeon_l3014xeon_l5618xeon_e3-1231_v3_firmwarexeon_x3430_firmwarexeon_l5420_firmwarecore_i5-9300hxeon_w3565_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarexeon_gold_5220t_firmwarecore_i7-8086k_firmwarexeon_gold_5220_firmwarecore_i5-1035g1_firmwareceleron_g1620xeon_w5590core_i5-9400hcore_i7-8500yleapxeon_x5270xeon_e5-4640_v3_firmwarexeon_x5675_firmwarexeon_e5-2680_v4_firmwarecore_i7-5557uxeon_gold_6240m_firmwarexeon_e7530xeon_e5-1630_v4_firmwarexeon_e7-8890_v2xeon_lc5528xeon_x5560xeon_e5-4603_v2_firmwarexeon_e5-2640_v2_firmwarecore_i7-7820hqxeon_e5-2620_v3core_i5-6260u_firmwarexeon_w3690xeon_7041_firmwarexeon_l5640xeon_5063core_i3-8300t_firmwarecore_i3-8109u_firmwarecore_i5-7400_firmwarexeon_gold_6254_firmwarexeon_e3-1275_v5core_i7-9700k_firmwarexeon_x5355core_i9-10980xe_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarexeon_e5-2430_v2_firmwarexeon_5060_firmwarexeon_e5-2450_v2_firmwarexeon_e5-2440_v2_firmwarexeon_e3-1230l_v3xeon_l7445_firmwarexeon_e5-2650_v3xeon_e5-2660_v2_firmwarexeon_e7430xeon_x7560core_i7-6567uxeon_e5-1650_v4_firmwarexeon_x5365core_i7-5775cxeon_e5-2683_v3_firmwarexeon_5070_firmwarexeon_lv_5133_firmwarecore_i9-7900xxeon_e7-8880_v4_firmwareceleron_g3930_firmwarecore_i7-6870hq_firmwarecore_i9-10900x_x-series_firmwarexeon_w-3223xeon_d-1539_firmwarexeon_7130nxeon_d-1559xeon_7130m_firmwarexeon_x5650xeon_w-2235_firmwareceleron_g1610tcore_i5-8265ucore_i5-6300hqxeon_x5670xeon_e5-2648l_v4_firmwarecore_i3-5157u_firmwarepentium_gold_g5400t_firmwarepentium_gold_4410y_firmwarexeon_3070_firmwarexeon_e-2286g_firmwarexeon_d-2183it_firmwarexeon_e3-1220_v3core_i3-5005u_firmwareceleron_g3920_firmwarexeon_e5-4627_v3xeon_e7-4850_v4core_i3-8350kxeon_7110ncore_i5-7500txeon_e3-1505m_v6core_i3-9100core_i5-9600k_firmwarexeon_e7-4880_v2_firmwarexeon_platinum_9282_firmwarexeon_5110_firmwarexeon_e-2224g_firmwarexeon_l5238pentium_gold_g5600xeon_lv_5148_firmwarexeon_e3120xeon_platinum_8276lceleron_g4950_firmwarecore_i7-7700kcore_i7-8705gxeon_e7-4860_v2xeon_l5408_firmwarexeon_platinum_9222big-ip_policy_enforcement_managerxeon_gold_6230tcore_i7-7660uxeon_d-1627_firmwarecore_i3-6100u_firmwarecore_i7-8706gxeon_w-3225xeon_w3550_firmwarexeon_e5-2630_v2_firmwarexeon_e3-1565l_v5xeon_x5470xeon_e5-4610_v2_firmwarepentium_gold_4415u_firmwarexeon_e5-2643_v2_firmwarexeon_e3-1240_v6core_i5-8259u_firmwarexeon_w-2155_firmwarexeon_e7-4850_v3_firmwarecore_i7-8705g_firmwarecore_i3-7100tcore_i7-7700txeon_e7-2850_v2_firmwarexeon_w-3225_firmwarexeon_e5-1630_v4xeon_e5-4660_v3xeon_w-2295core_i9-9900x_x-seriescore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarexeon_e5-2697_v3_firmwarecore_i7-6770hqxeon_e5-2407_v2core_m-5y10axeon_e3-1270_v6_firmwarexeon_gold_5215mcore_i5-7200u_firmwarecore_i7-10510u_firmwarexeon_gold_5215xeon_e5-2667_v3xeon_e7-4820_v3xeon_e5-2650_v2xeon_e-2226g_firmwarexeon_d-2143itxeon_l5238_firmwareceleron_g1610_firmwarexeon_e5405xeon_e5-2699_v4xeon_gold_6244_firmwarexeon_7140n_firmwarexeon_d-2161i_firmwarexeon_e3-1225_v6xeon_e3-1220l_v3core_i7\+8700_firmwarexeon_e5-2699_v3_firmwarexeon_e-2144g_firmwarexeon_e5-2650l_v2_firmwarexeon_e5-2643_v4_firmwarexeon_e3-1225_v5_firmwarexeon_e3-1240l_v5xeon_e5-2690_v3celeron_g1620t_firmwareceleron_g1820_firmwarecore_i3-10110uxeon_e5-1630_v3xeon_w3520xeon_e7530_firmwarecore_i9-10940x_x-series_firmwarexeon_e7310xeon_x5680xeon_e7440xeon_e5-4650_v2_firmwarexeon_x5450_firmwarexeon_e5-2680_v3core_i5-5287u_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mcore_i9-7980xexeon_gold_6240l_firmwarexeon_e5-4655_v3_firmwarexeon_d-2123it_firmwareceleron_g4900t_firmwarexeon_e5502xeon_x5670_firmwarecore_i7-6870hqpentium_gold_4415yxeon_x3480xeon_gold_6238lxeon_e5-2637_v3xeon_e5-2699_v4_firmwarexeon_l5430_firmwarexeon_e7-8890_v2_firmwarecore_i9-10920x_x-seriesxeon_w3670core_i3-1005g1_firmwarexeon_e7-8880l_v3_firmwarebig-ip_advanced_firewall_managerxeon_w-3265mxeon_e5620xeon_e5645core_i5-7500xeon_d-1627xeon_l5518xeon_platinum_8260y_firmwarexeon_x3460xeon_d-1602xeon_x5270_firmwarecore_i5\+8400_firmwarexeon_e3-1270_v5_firmwarexeon_e7-8890_v4core_i5-7200uxeon_e7310_firmwarecore_i5-8350u_firmwareceleron_g1820tceleron_g3930exeon_e5-4607_v2_firmwarexeon_gold_6240y_firmwarexeon_e5-2630l_v3_firmwarexeon_e3-1535m_v5_firmwarexeon_e5-2690_v4xeon_x3230_firmwarexeon_e7-8891_v2pentium_gold_g5600_firmwarexeon_e7-4850_v2xeon_e5-2658_v4_firmwarexeon_e3-1545m_v5xeon_w3680_firmwarecore_i3-9300_firmwarecore_i5-8400txeon_e5430_firmwarexeon_d-2145nt_firmwarepentium_gold_g5600tcore_i3-5015uceleron_g3930tcore_i9-9960x_x-series_firmwarexeon_e7340_firmwarexeon_e7-4870_v2xeon_l5506_firmwarexeon_d-1541_firmwarecore_i7-5775c_firmwarecore_i7-5500uceleron_g4920_firmwarexeon_e3-1260l_v5xeon_l5310_firmwarexeon_e5240_firmwarexeon_d-1623n_firmwarexeon_l5508_firmwarecore_i3-7100hxeon_l5215_firmwarexeon_d-1548_firmwarexeon_3070xeon_e5-2690_v3_firmwarexeon_d-1559_firmwarepentium_gold_g5400_firmwarexeon_x3320xeon_e7-4809_v4_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarexeon_e5-2697a_v4_firmwarexeon_e5450xeon_e5-4650_v3xeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarecore_i5-9400xeon_w3680core_i3-8100txeon_e5-1650_v3_firmwarexeon_platinum_8260xeon_e7210big-ip_global_traffic_managerxeon_bronze_3204_firmwarecore_i7-5550uxeon_d-2142it_firmwarexeon_e5-2470_v2core_i5-7500t_firmwarecore_i7-6820hk_firmwarexeon_e3-1280_v5_firmwarexeon_e5-2420_v2celeron_g4930t_firmwarecore_i7-8650uxeon_bronze_3204xeon_e5-4627_v3_firmwarexeon_e5-2430_v2core_m3-7y30_firmwarexeon_e5504_firmwarexeon_e7-8870_v2_firmwarecore_i7-9750h_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_w3670_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwarepentium_gold_4415uxeon_e7330_firmwarexeon_w5580_firmwarexeon_e-2234_firmwarexeon_w5590_firmwarexeon_e3120_firmwarexeon_x5365_firmwarexeon_gold_5222_firmwarexeon_w-3245xeon_e7-4820_v4_firmwareceleron_g1850_firmwarecore_i3-10110y_firmwarecore_i5-1035g4_firmwarecore_i5-8500bxeon_x5650_firmwarexeon_d-1523ncore_i5-8269uxeon_x3440xeon_e5-4660_v3_firmwarecore_i5-6300hq_firmwarexeon_e-2288gxeon_d-1653ncore_m-5y10_firmwarecore_i7-8709g_firmwarexeon_e5-4650_v2xeon_e5-4669_v4xeon_e7220_firmwarexeon_d-1543n_firmwareceleron_g3900txeon_w-2195_firmwarexeon_w3570enterprise_managerxeon_5040xeon_l7545xeon_x5472xeon_gold_6252n_firmwarexeon_5140core_i5-10210y_firmwarexeon_e5-1650_v3xeon_e5-2630_v2core_m-5y51_firmwarecore_i3-7350kxeon_w-2265_firmwarexeon_e3-1276_v3_firmwarexeon_e7-8891_v3core_i5-8250uxeon_e5440xeon_d-1571_firmwarecore_i7-9700txeon_gold_6252nxeon_7110m_firmwarexeon_l5506xeon_gold_6244xeon_e5-2695_v3xeon_x5690core_i7-8650u_firmwarexeon_w-3245_firmwarexeon_l5318xeon_gold_6226_firmwarecore_i3-5157uxeon_5130_firmwarecore_i5-6200ucore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_x5460_firmwarexeon_3050_firmwarexeon_w-2135_firmwarecore_i9-9940x_x-seriescore_m-5y10c_firmwareceleron_g3902e_firmwarexeon_e5-2603_v2_firmwarexeon_e5-1660_v3xeon_d-1520core_i7-6970hq_firmwarexeon_platinum_8256xeon_gold_6238l_firmwarexeon_e5-2623_v3xeon_e7-4830_v4_firmwarexeon_e5-2680_v2_firmwarexeon_e7-2890_v2xeon_x5647_firmwarexeon_d-1520_firmwarexeon_w-2125_firmwarexeon_e3-1268l_v5_firmwarexeon_w-2175_firmwarexeon_e5507xeon_e3-1241_v3_firmwarexeon_7110n_firmwarexeon_e3-1275_v6xeon_d-1531xeon_x5550core_i3-9300txeon_gold_6262v_firmwarexeon_e-2278gxeon_5120_firmwarexeon_platinum_8260yxeon_platinum_8260m_firmwarexeon_e7-8867_v3xeon_x3350_firmwarexeon_e7-8880_v2_firmwarexeon_e5-2450l_v2core_i9-9980xexeon_d-2142itcore_i5-8265u_firmwarexeon_e3-1281_v3_firmwarexeon_e3-1505m_v6_firmwarexeon_gold_5215m_firmwareceleron_g3930te_firmwarexeon_e3-1545m_v5_firmwarexeon_platinum_8276xeon_x3450_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-5700hqxeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e5-4610a_v4xeon_e5-2630l_v2_firmwarecore_m3-7y30core_i3-9350kxeon_e5-2650l_v2xeon_e5-2680_v3_firmwarexeon_7120mxeon_platinum_8276m_firmwarexeon_x5672_firmwareceleron_g4950xeon_e3-1240l_v3_firmwarexeon_e7-4850_v2_firmwarecore_i7-7700t_firmwarexeon_w-3275_firmwarexeon_e7220xeon_e7-8890_v3xeon_x5660_firmwarexeon_e5-2623_v4_firmwarecore_i5-8200ycore_i9-10900x_x-seriesceleron_g3900t_firmwarexeon_e3-1285_v4_firmwarexeon_w-2275xeon_e5-2697_v2_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_l5320_firmwareceleron_g4900_firmwarecore_i5-7440hqceleron_g1620txeon_e-2144gxeon_e3-1245_v6_firmwarexeon_d-1521xeon_d-2191_firmwarexeon_e5-2637_v3_firmwareceleron_g3900eceleron_g1820tecore_i7-7700_firmwareceleron_g3950_firmwarexeon_e5-4650_v4_firmwarexeon_e5630xeon_3060_firmwarebig-ip_analyticsxeon_7020core_i5-9600tcore_m-5y31xeon_w3540_firmwarecore_i3-9320core_i7-1065g7xeon_w3550core_i3-8130uxeon_x5450xeon_platinum_8276l_firmwarexeon_e5-2650l_v3xeon_lc5518xeon_5030xeon_e5-2687w_v2_firmwarexeon_e3-1230_v5enterprise_linux_server_eusxeon_e5-1630_v3_firmwareenterprise_linux_server_auscore_i3-9100_firmwarexeon_w-3245mxeon_lv_5113_firmwareceleron_g1620_firmwarexeon_e3-1226_v3_firmwarexeon_e5430xeon_e5205_firmwarexeon_e7-8880l_v2xeon_w3530_firmwarexeon_l5408xeon_e5-1680_v3xeon_e5-2670_v2pentium_gold_g5420xeon_e5606xeon_e-2124g_firmwarepentium_gold_g5420t_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarecore_m-5y71_firmwarexeon_e5-2690_v2xeon_e5-4610_v3xeon_e7-8870_v3xeon_x7542pentium_gold_g5420_firmwarecore_i5-7y54xeon_e5-4650_v4xeon_e5-1660_v4xeon_e7-8891_v4xeon_d-1521_firmwarexeon_l5638_firmwarexeon_e5240xeon_e5-1620_v2xeon_e-2226gxeon_e3-1226_v3xeon_d-1557_firmwarexeon_x5687_firmwarecore_i7-5500u_firmwarecore_i3-8145uxeon_e7-4820_v2_firmwarexeon_e5-1620_v3_firmwarexeon_e7-4830_v2core_i5-9600_firmwarexeon_platinum_8268_firmwarexeon_gold_6262vcore_i3-8109uxeon_e5-2609_v4_firmwarexeon_e5-2640_v3xeon_e7-8880l_v3xeon_e5-1620_v4xeon_e6540_firmwarexeon_gold_6238m_firmwarecore_i3-7300xeon_d-1567_firmwarebig-ip_application_security_managerxeon_e5-2630l_v3xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_e-2134_firmwarexeon_silver_4210_firmwarexeon_d-2191xeon_x7460_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e5405_firmwarexeon_lv_5113core_i5-9500_firmwarecore_m-5y10cxeon_e5-4627_v4_firmwarepentium_gold_g5620xeon_platinum_8276_firmwarexeon_e7440_firmwarexeon_e7-8870_v4core_i5-8700b_firmwarexeon_7030xeon_e7540xeon_5060xeon_e3-1265l_v4xeon_ec5509_firmwarexeon_x5482celeron_g3930texeon_e-2136pentium_gold_6405u_firmwarecore_i7-10510ucore_i7-9700kxeon_d-1533n_firmwarecore_i3-8100xeon_w-2265xeon_gold_5215_firmwarexeon_e5335xeon_e5-2667_v4xeon_7130n_firmwarexeon_e5503_firmwarexeon_e3-1285l_v4xeon_w-2245_firmwarexeon_x5470_firmwarexeon_e7-8870_v2xeon_l5410_firmwarecore_i3-7300_firmwarexeon_e7330fedoraxeon_l3406_firmwarexeon_x3430xeon_lc3528core_i5-7287u_firmwarecore_i7-7700core_m-5y10xeon_e5-1680_v4core_i7-7820hq_firmwarexeon_5110core_i7-5950hq_firmwarexeon_e3-1575m_v5_firmwarecore_i7-7920hq_firmwarexeon_platinum_8280l_firmwarexeon_d-1577_firmwarexeon_e-2124_firmwarecore_i7-5750hq_firmwarexeon_e3-1240_v6_firmwarexeon_e5506xeon_e5-4660_v4xeon_x3360_firmwarexeon_e7520_firmwareceleron_g3900_firmwarexeon_e3-1505m_v5_firmwarexeon_d-2187ntcore_i5-8500b_firmwarexeon_e5-2643_v3_firmwareceleron_g4930core_i3-6100h_firmwarecore_i5-7600xeon_e5504core_i9-7940xxeon_w-3265_firmwarexeon_e5-2698_v3_firmwarexeon_7120n_firmwarexeon_e5530xeon_platinum_8253xeon_e5-2630l_v4xeon_e5-4667_v4big-ip_fraud_protection_servicexeon_lv_5128core_i3-8300xeon_e-2186gcore_i5-7400tcore_i3-5005uxeon_e5-2690_v4_firmwarexeon_e-2174gxeon_e5-2630_v4xeon_d-1622xeon_e5-4610_v3_firmwareceleron_g4932e_firmwarexeon_x5355_firmwarexeon_lc5528_firmwarecore_i5-7260uxeon_w-2145_firmwarexeon_e5-2643_v3xeon_d-2145ntxeon_e5450_firmwarexeon_e5-1650_v4big-ip_access_policy_managerxeon_gold_6238core_i7-7500u_firmwarexeon_e5-2630_v3xeon_e5-4627_v2_firmwarecore_i7-7800xxeon_e3-1275_v6_firmwarexeon_e7320core_i5-10210yxeon_e3-1225_v6_firmwarecore_i7-7820hk_firmwarexeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_w-3275mxeon_e7420xeon_e7-8890_v4_firmwarecore_i5-10210u_firmwarexeon_x5460xeon_l5310xeon_d-1513n_firmwarexeon_e5540_firmwarecore_i3-7300t_firmwarexeon_e3-1265l_v4_firmwarexeon_e5-1620_v4_firmwareceleron_g4930exeon_e5472_firmwarepentium_gold_4410yxeon_x3350core_i5-9600xeon_e5-2637_v4_firmwarexeon_e3-1585l_v5_firmwarexeon_e7-8867_v4big-ip_local_traffic_managerxeon_e5410_firmwarexeon_5150_firmwarexeon_e5640xeon_e3-1281_v3pentium_gold_g5600t_firmwarexeon_lv_5133xeon_e-2224_firmwarexeon_x5272_firmwarexeon_e3-1240l_v3pentium_gold_6405uxeon_5050_firmwarecore_i5-9300h_firmwarexeon_e5345celeron_g1820xeon_e7-8880_v3core_i3-9320_firmwarexeon_l5630_firmwarexeon_gold_5220t_xeon_lv_5148xeon_3060core_i9-10940x_x-seriescore_i5-8400b_firmwarexeon_e3-1280_v6xeon_e7-8891_v3_firmwarecore_i5-5200uxeon_e3-1225_v3xeon_e7-4890_v2_firmwarecore_i3-8100_firmwarexeon_e5-2650l_v3_firmwarexeon_l5318_firmwarexeon_5030_firmwarexeon_e5-2697_v3xeon_w3580_firmwarexeon_e5-4603_v2xeon_e5-4627_v4xeon_e-2124core_i5-7287ucore_i7-10710uxeon_d-1541xeon_d-2141ixeon_e7-4830_v4xeon_e3-1275_v3xeon_e7-4809_v2xeon_e5310xeon_e5440_firmwarexeon_d-1633n_firmwarexeon_e-2276g_firmwarexeon_gold_6230n_firmwarexeon_e5-4620_v3_firmwarexeon_gold_5222core_i3-5015u_firmwarecore_i5-7300hq_firmwarexeon_x5260_firmwarexeon_e5-4607_v2core_i7-8706g_firmwarexeon_w-2133_firmwarecore_i3-6100hcore_i5-7400t_firmwarexeon_d-1548xeon_e5-4667_v4_firmwarepentium_gold_4415y_firmwarexeon_e3-1535m_v6xeon_d-1649nxeon_w5580xeon_platinum_9221xeon_l5638xeon_e5-2603_v4_firmwarecore_i7-10510y_firmwarexeon_e3-1220_v5core_i5-5257u_firmwarexeon_7040_firmwarexeon_5050xeon_e-2146g_firmwarexeon_5080xeon_e5-2403_v2xeon_l5335xeon_w3520_firmwarecore_i7-6700hqxeon_e5-2667_v3_firmwarexeon_x5482_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarexeon_x7560_firmwarexeon_e5-2640_v2xeon_5120xeon_e5-2407_v2_firmwarexeon_gold_6238t_firmwarecore_i3-7100_firmwarexeon_e5320_firmwarexeon_e7-8891_v4_firmwarexeon_w-2155xeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_7110mxeon_l5320xeon_e5-2650l_v4_firmwareceleron_g1840_firmwareubuntu_linuxxeon_e5-2623_v3_firmwarexeon_x3480_firmwarexeon_lc3528_firmwarecore_i3-9100txeon_lv_5138xeon_d-1623nxeon_x7550xeon_3065xeon_w-2145pentium_gold_4425yxeon_e5-4650_v3_firmwarecore_m-5y71xeon_e5507_firmwarexeon_platinum_9222_firmwarexeon_platinum_8253_firmwarexeon_d-1622_firmwarexeon_e3-1585_v5_firmwarecore_i3-7167uxeon_e-2176g_firmwarexeon_e5-2620_v2core_i7-7567uceleron_g3900e_firmwarexeon_w-2295_firmwarecore_i3-8145u_firmwarexeon_silver_4214xeon_l5530xeon_d-2161ixeon_e3-1225_v3_firmwarexeon_d-2141i_firmwarecore_i7-7660u_firmwarexeon_e3-1585l_v5xeon_gold_5218bxeon_e7-2880_v2_firmwarexeon_e5-2670_v3xeon_e5-4640_v4_firmwarebig-iq_centralized_managementcore_i7-8750h_firmwarecore_i3-5010u_firmwarecore_i3-7300txeon_e5-1680_v4_firmwarexeon_silver_4216_firmwarexeon_e3-1271_v3_firmwarecore_m3-6y54_firmwarexeon_x5647core_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e5607xeon_e5-2648l_v4xeon_e5645_firmwarexeon_e-2174g_firmwarexeon_e5-4620_v4xeon_e7-8855_v4xeon_7040xeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e3-1515m_v5xeon_x5660xeon_e3-1225_v5xeon_e5-2630l_v2xeon_l7555core_i5-7600_firmwarexeon_l3426xeon_w-3275m_firmwarexeon_5150xeon_e5-2667_v2xeon_e7-4890_v2xeon_e3-1515m_v5_firmwarexeon_lc3518xeon_e5-2630_v3_firmwarexeon_e7-4830_v2_firmwarexeon_w-3175xxeon_e3-1230l_v3_firmwarecore_i5-6267u_firmwarexeon_l5609xeon_gold_6222v_firmwarecore_i7-9750hxeon_platinum_8260_firmwarexeon_e7-8893_v2_firmwarexeon_w-2225xeon_e5-4669_v3xeon_ec5539_firmwarexeon_x3360core_i7-7560u_firmwarexeon_w-2133xeon_e5-1660_v2_firmwarexeon_d-1557xeon_e7-2890_v2_firmwarexeon_e7430_firmwarexeon_e7-2870_v2_firmwarepentium_gold_g5500_firmwarexeon_e7-8860_v3_firmwarexeon_e5-2670_v2_firmwarexeon_d-1553n_firmwarexeon_e5-2687w_v3_firmwarexeon_e5-4627_v2xeon_w-2223core_i9-7920x_firmwarexeon_x6550_firmwarexeon_e5-4620_v2xeon_e5-2470_v2_firmwarecore_i3-8300txeon_e3-1565l_v5_firmwarepentium_gold_g5620_firmwarexeon_ec5549_firmwarexeon_x3460_firmwarexeon_e-2236xeon_e-2236_firmwarexeon_e-2126g_firmwarexeon_gold_6238_firmwareceleron_g1820t_firmwarexeon_x5492xeon_e5640_firmwarecore_i9-7960x_firmwarexeon_x5570celeron_g3950xeon_e5-2640_v4_firmwarecore_i5-8400xeon_x5667_firmwarexeon_gold_6246core_i7-8086kxeon_x7460pentium_gold_g5500t_firmwarexeon_e5-2603_v3_firmwarexeon_e5-2603_v2xeon_d-1527_firmwarepentium_gold_5405u_firmwarebig-ip_domain_name_systemxeon_e5-2683_v4_firmwarexeon_w-3245m_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e5-2603_v3xeon_e7-4850_v4_firmwarexeon_3065_firmwarexeon_gold_6240y_xeon_e7-8870_v3_firmwarexeon_w3540xeon_e5310_firmwarexeon_e-2134xeon_l3360xeon_e5-4655_v3core_i5-5350hxeon_e5-2620_v4_firmwarexeon_d-2163itxeon_e5220_firmwaresolariscore_i5-10310y_firmwarepentium_gold_4417uxeon_e5-4610a_v4_firmwarecore_i7-10510yxeon_gold_5215lxeon_e5-4655_v4xeon_silver_4215_firmwarecore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_l5430xeon_e5-2658_v4xeon_e5-2440_v2xeon_l5335_firmwarexeon_x5272xeon_w3570_firmwarecore_i9-7960xceleron_g3900core_i7-7820xxeon_e7-8893_v3_firmwarecore_i5-9600kxeon_d-1531_firmwarecore_i7-7700hqxeon_e6510_firmwarexeon_e7-4830_v3xeon_e5-2420_v2_firmwarexeon_e5-2698_v3core_i3-9100t_firmwarexeon_e3-1245_v5xeon_l5508xeon_e7-8880_v3_firmwarexeon_7140m_firmwarexeon_e7-8857_v2_firmwarebig-ip_link_controllerxeon_d-1571xeon_gold_6240lxeon_e5-1620_v3xeon_5080_firmwarecore_i5-8350uxeon_w-3223_firmwarecore_m3-6y30_firmwarexeon_e7-8850_v2_firmwareceleron_g1830_firmwarexeon_d-2173itceleron_g3930xeon_d-2123itxeon_e-2246gceleron_g3930t_firmwarexeon_l5240_firmwarexeon_l5420xeon_gold_5218n_firmwarexeon_e5-2670_v3_firmwarexeon_e5-2637_v4xeon_w-2255_firmwarexeon_e3-1241_v3xeon_ec3539_firmwarexeon_e5-2695_v4_firmwarexeon_e5-2687w_v3xeon_x5677_firmwarecore_i5-5200u_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4xeon_e7-4809_v3_firmwarexeon_gold_6242_firmwarexeon_d-1649n_firmwarexeon_e-2104g_firmwarexeon_e5-2609_v4core_i7-7920hqxeon_e3-1220_v3_firmwarexeon_e5503xeon_e5-2660_v2xeon_e5-1650_v2_firmwarexeon_w-2123_firmwarecore_m3-6y54core_i3-6100_firmwarecore_m-5y51xeon_e3-1270_v5xeon_d-1537_firmwarecore_i3-7350k_firmwarexeon_x5560_firmwarexeon_e7320_firmwarexeon_d-2166nt_firmwareceleron_g1840t_firmwarexeon_e3-1246_v3xeon_e5-2643_v4xeon_e5-2699a_v4xeon_7120nxeon_l5410celeron_g1840xeon_l3110core_i3-9300xeon_5160_firmwarexeon_e7-2870_v2xeon_e7-8860_v3xeon_e-2244gcore_i5\+8400xeon_e-2176gxeon_e5-2698_v4_firmwarexeon_7020_firmwarexeon_e5-2637_v2xeon_7140mceleron_g1630core_i7-8709gxeon_l3014_firmwarexeon_l7545_firmwarecore_i3-5020u_firmwarexeon_e7-4870_v2_firmwarexeon_l5640_firmwarexeon_3050xeon_e5-2650l_v4xeon_7120m_firmwarexeon_l5518_firmwarexeon_d-1529_firmwarepentium_gold_4417u_firmwarexeon_d-1637_firmwarecore_m3-8100y_firmwarexeon_e-2104gcore_i7-5950hqxeon_7030_firmwarexeon_e7-8850_v2xeon_e5-2695_v2core_i5-6260uxeon_5130xeon_e5-4640_v2_firmwarexeon_e5606_firmwarexeon_e5345_firmwarexeon_silver_4214_firmwareceleron_g4930_firmwarecore_i5-9500tceleron_g1610xeon_d-2143it_firmwarexeon_platinum_9242core_i5-7400xeon_platinum_8280lxeon_e7-4850_v3xeon_d-1523n_firmwarexeon_platinum_8280_firmwarexeon_e5-2697_v2xeon_x7350core_i3-7320xeon_e5205xeon_e7-8880l_v2_firmwarexeon_e5-4669_v3_firmwarecore_i9-9960x_x-seriesxeon_e3-1230_v6xeon_e7-8867_v3_firmwarexeon_e5-2430l_v2core_i5-1035g1xeon_w3580xeon_gold_6230ncore_i5-5250u_firmwarexeon_w-3265core_i7-8565u_firmwarexeon_gold_6246_firmwarexeon_e7-2850_v2pentium_gold_4425y_firmwarexeon_gold_5218nxeon_e5-2620_v4xeon_platinum_9221_firmwarexeon_e-2186g_firmwarexeon_ec5549xeon_e3-1276_v3xeon_w3530core_i5-7600t_firmwarexeon_e-2124gxeon_e3-1231_v3core_i9-7980xe_firmwarexeon_e6540core_i5-7440hq_firmwarexeon_e7-8880_v2xeon_e7-8891_v2_firmwarexeon_x3380xeon_e5462_firmwarexeon_gold_5220xeon_e-2234xeon_e7-8860_v4_firmwarexeon_d-1637xeon_d-1577celeron_g3930e_firmwarexeon_gold_6254xeon_silver_4209t_firmwarecore_i7-9850hcore_i7-9700t_firmwarexeon_x3210xeon_gold_5215l_firmwarecore_i7-7820x_firmwarexeon_e3110_firmwarexeon_e5-2640_v4xeon_e7-8893_v4core_i3-8130u_firmwarexeon_ec3539celeron_g3920core_i3-7100uceleron_g1850core_i5-5287uxeon_d-1653n_firmwarexeon_w-3275core_i5-7600kxeon_platinum_8270_firmwarexeon_e5-2640_v3_firmwarexeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_gold_6234_firmwarexeon_d-1633ncore_i3-7100t_firmwareceleron_g1840tcore_i5-7360uxeon_e7-4820_v4xeon_e5-2650_v2_firmwarexeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_d-1518_firmwarexeon_e3-1220_v6xeon_e5649xeon_platinum_8280core_m3-8100ycore_m-5y70_firmwarecore_i5-8250u_firmwarexeon_e3-1246_v3_firmwarecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e5520_firmwarexeon_e5-4657l_v2_firmwarexeon_e3-1285_v4xeon_e5320xeon_x7550_firmwarecore_i7-7700hq_firmwarexeon_e3-1265l_v3_firmwarecore_i7-6820hkxeon_d-2146nt_firmwarexeon_e3-1230_v5_firmwarexeon_x5687xeon_e3-1275_v3_firmwarecore_i5-10310ycore_i9-10920x_x-series_firmwarexeon_gold_5218b_firmwarecore_i5-8400t_firmwarexeon_e7-8857_v2xeon_lv_5138_firmwarexeon_e-2286gxeon_gold_6222vcore_i9-9940x_x-series_firmwarexeon_5160xeon_x6550xeon_x5550_firmwarexeon_gold_6242xeon_x7542_firmwarexeon_e5-4610_v2xeon_e7-4820_v2xeon_e-2244g_firmwarexeon_e3-1575m_v5xeon_e7-8895_v2xeon_e7-8855_v4_firmwarexeon_platinum_8270xeon_e5-2650_v4xeon_x3450xeon_e5-2660_v4_firmwarexeon_d-1533nxeon_x3330_firmwarexeon_e3-1245_v6xeon_silver_4215xeon_w-3175x_firmwarexeon_l7445xeon_w-2235xeon_e5-2695_v4xeon_7140ncore_i7-6560u_firmwarecore_i3-8300_firmwareceleron_g4930tcore_i7-1065g7_firmwarecore_i5\+8500_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4xeon_e5506_firmwarecore_i9-10980xexeon_e5-2643_v2xeon_e5-2695_v3_firmwarexeon_e7-8860_v4xeon_w3690_firmwarexeon_e5-2430l_v2_firmwarexeon_x3220_firmwarecore_i7-8809g_firmwarexeon_e7520xeon_e7-4880_v2xeon_e7-8867_v4_firmwareceleron_g4900core_i5-9400h_firmwarecore_i3-5010upentium_gold_g5400core_i3-6100xeon_ec5509xeon_l5520xeon_x5667core_i3-10110u_firmwarexeon_x3440_firmwarexeon_gold_6226core_i5-9500t_firmwarexeon_gold_6252xeon_e5410core_i7-6770hq_firmwarexeon_e5-4640_v3core_i7-5750hqcore_i5-6267upentium_gold_5405uceleron_g3900tecore_i3-1005g1core_i9-9920x_x-series_firmwarexeon_l3406xeon_gold_6252_firmwarexeon_e7210_firmwarecore_i5-8305gxeon_e5603_firmwarecore_i5-9400t_firmwarexeon_platinum_8260lcore_i7-8559uxeon_d-1602_firmwarexeon_e5540core_i7-9700_firmwarexeon_e-2146gxeon_d-2177ntxeon_w-2175xeon_e7-2880_v22019.2 IPU – Intel(R) Processor Machine Check Error
CWE ID-CWE-20
Improper Input Validation
CVE-2020-2951
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 38.89%
||
7 Day CHG-0.00%
Published-15 Apr, 2020 | 13:29
Updated-27 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2020-2725
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.69%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Sep, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2020-2703
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.69%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:34
Updated-30 Sep, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36 and prior to 6.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2024-21106
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 36.31%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-26 Aug, 2025 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2022-21471
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.25%
||
7 Day CHG~0.00%
Published-19 Apr, 2022 | 20:38
Updated-24 Sep, 2024 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2021-35539
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 22.77%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 10:49
Updated-25 Sep, 2024 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2019-3021
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.51%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 17:40
Updated-01 Oct, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxVM VirtualBox
CVE-2019-2848
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.82%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-openSUSEOracle Corporation
Product-vm_virtualboxleapVM VirtualBox
CVE-2018-6616
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.75%
||
7 Day CHG~0.00%
Published-04 Feb, 2018 | 22:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

Action-Not Available
Vendor-uclouvainn/aOracle CorporationCanonical Ltd.Debian GNU/Linux
Product-openjpegdebian_linuxubuntu_linuxgeorastern/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21945
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-30 Jan, 2026 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-jdkgraalvm_for_jdkgraalvmjreOracle Java SEOracle GraalVM Enterprise EditionOracle GraalVM for JDK
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21941
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.29%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21942
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.02% / 3.50%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystems). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisOracle Solaris
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21952
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.29%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21955
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxOracle VM VirtualBox
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21950
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.86%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-21838
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.95% / 76.22%
||
7 Day CHG+0.45%
Published-17 Jan, 2023 | 23:35
Updated-17 Sep, 2024 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-43859
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.88% / 82.94%
||
7 Day CHG~0.00%
Published-01 Feb, 2022 | 12:08
Updated-03 Nov, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service by injecting highly recursive collections or maps in XStream

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. See GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not possible.

Action-Not Available
Vendor-xstreamx-streamFedora ProjectJenkinsOracle CorporationDebian GNU/Linux
Product-communications_brm_-_elastic_charging_enginecommerce_guided_searchdebian_linuxflexcube_private_bankingcommunications_cloud_native_core_automated_test_suiteretail_xstore_point_of_servicecommunications_policy_managementxstreamjenkinsfedoracommunications_diameter_intelligence_hubxstream
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-21996
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.68% / 71.24%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 19:54
Updated-13 Sep, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-17189
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-1.42% / 80.38%
||
7 Day CHG-2.98%
Published-30 Jan, 2019 | 22:00
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.

Action-Not Available
Vendor-Canonical Ltd.The Apache Software FoundationRed Hat, Inc.NetApp, Inc.Fedora ProjectDebian GNU/LinuxOracle Corporation
Product-http_serversun_zfs_storage_appliance_kitubuntu_linuxdebian_linuxinstantis_enterprisetrackfedoraretail_xstore_point_of_serviceenterprise_linuxstorage_automation_storehospitality_guest_accesssantricity_cloud_connectorenterprise_manager_ops_centerjboss_core_servicesApache HTTP Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22883
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-86.08% / 99.39%
||
7 Day CHG-5.05%
Published-03 Mar, 2021 | 17:38
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)Oracle CorporationNetApp, Inc.Siemens AGFedora Project
Product-sinec_infrastructure_network_servicespeoplesoft_enterprise_peopletoolsgraalvme-series_performance_analyzermysql_clusternosql_databasefedorajd_edwards_enterpriseone_toolsnode.jsNode
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2021-22119
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.5||HIGH
EPSS-4.90% / 89.46%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 16:15
Updated-03 Aug, 2024 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions.

Action-Not Available
Vendor-n/aOracle CorporationVMware (Broadcom Inc.)
Product-spring_securitycommunications_cloud_native_core_policySpring Security
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-32014
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 13:20
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.

Action-Not Available
Vendor-sheetjsn/aOracle Corporation
Product-sheetjssheetjs_prorest_data_servicesn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-32013
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 13:20
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of 2).

Action-Not Available
Vendor-sheetjs_projectn/aOracle Corporation
Product-sheetjssheetjs_prorest_data_servicesn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22696
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.97% / 83.35%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 10:05
Updated-13 Feb, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OAuth 2 authorization service vulnerable to DDos attacks

CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)). Instead of sending a JWT token as a "request" parameter, the spec also supports specifying a URI from which to retrieve a JWT token from via the "request_uri" parameter. CXF was not validating the "request_uri" parameter (apart from ensuring it uses "https) and was making a REST request to the parameter in the request to retrieve a token. This means that CXF was vulnerable to DDos attacks on the authorization server, as specified in section 10.4.1 of the spec. This issue affects Apache CXF versions prior to 3.4.3; Apache CXF versions prior to 3.3.10.

Action-Not Available
Vendor-Oracle CorporationThe Apache Software Foundation
Product-communications_diameter_intelligence_hubcommunications_session_route_managerbusiness_intelligencecommunications_session_report_managercxfcommunications_element_managerApache CXF
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2021-32012
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 13:20
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of 2).

Action-Not Available
Vendor-sheetjs_projectn/aOracle Corporation
Product-sheetjssheetjs_prorest_data_servicesn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-30468
Matching Score-6
Assigner-Apache Software Foundation
ShareView Details
Matching Score-6
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.90% / 83.02%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 12:00
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter

A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.

Action-Not Available
Vendor-The Apache Software FoundationOracle Corporation
Product-communications_messaging_servertomeebusiness_intelligencecxfcommunications_element_managerApache CXF
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-21348
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.91%
||
7 Day CHG~0.00%
Published-22 Mar, 2021 | 23:45
Updated-23 May, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.

Action-Not Available
Vendor-xstreamx-streamNetApp, Inc.Oracle CorporationFedora ProjectThe Apache Software FoundationDebian GNU/Linux
Product-xstreamcommunications_unified_inventory_managementcommunications_billing_and_revenue_management_elastic_charging_enginewebcenter_portaloncommand_insightmysql_serverbanking_virtual_account_managementjmetercommunications_policy_managementactivemqretail_xstore_point_of_servicedebian_linuxbanking_enterprise_default_managementfedorabanking_platformbusiness_activity_monitoringxstream
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-21948
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 14.29%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 15:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-11056
Matching Score-6
Assigner-Dell
ShareView Details
Matching Score-6
Assigner-Dell
CVSS Score-6.5||MEDIUM
EPSS-1.96% / 83.32%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service.

Action-Not Available
Vendor-Dell Inc.RSA Security LLCOracle Corporation
Product-timesten_in-memory_databasebsafe_crypto-ccommunications_ip_service_activatorcore_rdbmscommunications_analyticsbsafegoldengate_application_adaptersreal_user_experience_insightapplication_testing_suitejd_edwards_enterpriseone_toolsretail_predictive_application_serverenterprise_manager_ops_centersecurity_serviceBSAFE Crypto-C Micro EditionBSAFE Micro Edition Suite
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-20265
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-10 Mar, 2021 | 15:30
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncOracle Corporation
Product-tekelec_platform_distributionlinux_kernelkernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-21925
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 44.31%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 19:54
Updated-16 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Health Sciences InForm. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Health Sciences InForm. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-health_sciences_informHealth Sciences InForm
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-21964
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.68% / 71.24%
||
7 Day CHG~0.00%
Published-18 Apr, 2023 | 19:54
Updated-16 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-weblogic_serverWebLogic Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-8277
Matching Score-6
Assigner-HackerOne
ShareView Details
Matching Score-6
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-47.58% / 97.66%
||
7 Day CHG-11.31%
Published-19 Nov, 2020 | 00:32
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.

Action-Not Available
Vendor-c-ares_projectNode.js (OpenJS Foundation)Oracle CorporationFedora Project
Product-blockchain_platformgraalvmc-aresmysql_clusterfedoraretail_xstore_point_of_servicejd_edwards_enterpriseone_toolsnode.jsNode
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7733
Matching Score-6
Assigner-Snyk
ShareView Details
Matching Score-6
Assigner-Snyk
CVSS Score-7.5||HIGH
EPSS-0.77% / 73.32%
||
7 Day CHG-0.43%
Published-16 Sep, 2020 | 14:10
Updated-17 Sep, 2024 | 04:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

Action-Not Available
Vendor-ua-parser-js_projectn/aOracle Corporation
Product-communications_cloud_native_core_network_function_cloud_native_environmentua-parser-jsua-parser-js
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7760
Matching Score-6
Assigner-Snyk
ShareView Details
Matching Score-6
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 56.43%
||
7 Day CHG~0.00%
Published-30 Oct, 2020 | 11:10
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s|/*.*?*/)*

Action-Not Available
Vendor-codemirrorn/aOracle Corporation
Product-codemirrorapplication_expressessbasehyperion_data_relationship_managemententerprise_manager_express_user_interfacespatial_studiocodemirrororg.apache.marmotta.webjars:codemirror
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-7016
Matching Score-6
Assigner-Elastic
ShareView Details
Matching Score-6
Assigner-Elastic
CVSS Score-4.8||MEDIUM
EPSS-0.48% / 64.79%
||
7 Day CHG+0.10%
Published-27 Jul, 2020 | 18:00
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming unresponsive.

Action-Not Available
Vendor-Oracle CorporationElasticsearch BV
Product-communications_cloud_native_core_network_function_cloud_native_environmentkibanapeoplesoft_enterprise_peopletoolscommunications_billing_and_revenue_managementKibana
CWE ID-CWE-185
Incorrect Regular Expression
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-62475
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-23 Oct, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-zfs_storage_appliance_kitOracle ZFS Storage Appliance Kit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-62476
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-23 Oct, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Remote Replication). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-zfs_storage_appliance_kitOracle ZFS Storage Appliance Kit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-62477
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-23 Oct, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Remote Replication). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-zfs_storage_appliance_kitOracle ZFS Storage Appliance Kit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-62478
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:03
Updated-23 Oct, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Object Store). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-zfs_storage_appliance_kitOracle ZFS Storage Appliance Kit
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21949
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.86%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-29 Jan, 2026 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-28469
Matching Score-6
Assigner-Snyk
ShareView Details
Matching Score-6
Assigner-Snyk
CVSS Score-5.3||MEDIUM
EPSS-0.33% / 55.76%
||
7 Day CHG-0.56%
Published-03 Jun, 2021 | 15:15
Updated-16 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Regular Expression Denial of Service (ReDoS)

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Action-Not Available
Vendor-gulpjsn/aOracle Corporation
Product-glob-parentcommunications_cloud_native_core_policyglob-parent
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-21956
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-8.2||HIGH
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-20 Jan, 2026 | 21:56
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-vm_virtualboxOracle VM VirtualBox
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-27223
Matching Score-6
Assigner-Eclipse Foundation
ShareView Details
Matching Score-6
Assigner-Eclipse Foundation
CVSS Score-5.2||MEDIUM
EPSS-42.64% / 97.41%
||
7 Day CHG+8.83%
Published-26 Feb, 2021 | 21:55
Updated-20 Aug, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.

Action-Not Available
Vendor-Debian GNU/LinuxOracle CorporationNetApp, Inc.Eclipse Foundation AISBLThe Apache Software Foundation
Product-debian_linuxsnapcenterrest_data_servicessolidfiresnap_creator_frameworke-series_santricity_os_controllersparkhcimanagement_services_for_element_softwaree-series_santricity_web_servicesjettynifisolrhci_management_nodesnapmanagerelement_plug-in_for_vcenter_serverEclipse Jetty
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-50101
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.07% / 20.84%
||
7 Day CHG~0.00%
Published-15 Jul, 2025 | 19:27
Updated-17 Jul, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysqlMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53044
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53040
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53053
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-53046
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.54%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 20:02
Updated-23 Oct, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Analytics). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-zfs_storage_appliance_kitOracle ZFS Storage Appliance Kit
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found