CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-35319
Critical

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35316
Critical

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware allows a low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35313
Critical

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware, affecting the Authentication Engine. Easily exploitable by a low privileged attacker with network access via HTTP, potentially leading to the takeover of Oracle Access Manager.

CVE-2026-35312
Critical

Vulnerability in the Oracle Virtual Directory product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via LDAP to compromise Oracle Virtual Directory. Affects versions 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35310
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. It affects versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35309
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35308
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35307
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to take control of Oracle Coherence. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35306
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars) allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35305
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars) allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35304
Critical

A vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTPS to compromise Oracle Coherence. It affects versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35301
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console) allows an unauthenticated attacker with network access via HTTP to compromise WebLogic Server. Affected versions are 12.2.1.4.0 and 14.1.1.0.0.

CVE-2026-35300
Critical

Vulnerability in the WebLogic Server product of Oracle affecting versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0. It allows an unauthenticated attacker with network access to easily exploit and potentially take over the WebLogic Server.

CVE-2026-35298
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware allows a high privileged attacker with network access via HTTP to compromise the WebLogic Server. Attacks may significantly impact additional products.

CVE-2026-35296
Critical

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35294
Critical

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware allows a low privileged attacker with network access via HTTP to compromise the connector. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35293
Critical

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites) allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. The supported version affected is 14.1.2.0.0.

CVE-2026-35292
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console) allows an unauthenticated attacker with network access via HTTP to compromise WebLogic Server. Affected versions are 14.1.2.0.0 and 15.1.1.0.0.

CVE-2026-35286
Critical

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. It affects versions 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35285
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker with network access to compromise the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

PreviousPage 31 of 552Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS