CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-35308
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35307
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to take control of Oracle Coherence. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35306
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars) allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35305
Critical

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars) allows an unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35304
Critical

A vulnerability in the Oracle Coherence product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTPS to compromise Oracle Coherence. It affects versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0.

CVE-2026-35301
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console) allows an unauthenticated attacker with network access via HTTP to compromise WebLogic Server. Affected versions are 12.2.1.4.0 and 14.1.1.0.0.

CVE-2026-35300
Critical

Vulnerability in the WebLogic Server product of Oracle affecting versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0. It allows an unauthenticated attacker with network access to easily exploit and potentially take over the WebLogic Server.

CVE-2026-35298
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware allows a high privileged attacker with network access via HTTP to compromise the WebLogic Server. Attacks may significantly impact additional products.

CVE-2026-35296
Critical

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35294
Critical

Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware allows a low privileged attacker with network access via HTTP to compromise the connector. Attacks may significantly impact additional products, changing the scope of the threat.

CVE-2026-35293
Critical

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites) allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. The supported version affected is 14.1.2.0.0.

CVE-2026-35292
Critical

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Console) allows an unauthenticated attacker with network access via HTTP to compromise WebLogic Server. Affected versions are 14.1.2.0.0 and 15.1.1.0.0.

CVE-2026-35286
Critical

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. It affects versions 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35285
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker with network access to compromise the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35284
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker to remotely take control of the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35283
Critical

A vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker to remotely take control of the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35282
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker to remotely take control of the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35281
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker with network access to take control of the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35280
Critical

Vulnerability in the Oracle WebCenter Enterprise Capture product of Oracle Fusion Middleware allows a low privileged attacker with network access to compromise the system. Affected versions are 12.2.1.4.0 and 14.1.2.0.0.

CVE-2026-35278
Critical

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle, concerning the Performance Monitor component. Versions 8.61 and 8.62 are susceptible to easily exploitable attacks that can lead to system takeover.

PreviousPage 35 of 556Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS