Known Vulnerabilities for Application Server by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Application Server" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54413 json | driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_Securit... | Not Provided | 2026-06-14 | 2026-06-15 |
| CVE-2026-54223 json | UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file o... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-52778 json | YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form f... | Not Provided | 2026-06-08 | 2026-06-09 |
| CVE-2026-50230 json | Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint... | Not Provided | 2026-06-05 | 2026-06-05 |
| CVE-2026-50009 json | Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Nett... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-49755 json | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled H... | Not Provided | 2026-06-08 | 2026-06-08 |
| CVE-2026-49357 json | Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operat... | Not Provided | 2026-06-19 | 2026-06-19 |
| CVE-2026-49345 json | Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Ser... | Not Provided | 2026-06-19 | 2026-06-19 |
| CVE-2026-48858 json | Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF v... | Not Provided | 2026-06-10 | 2026-06-11 |
| CVE-2026-48853 json | Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grp... | Not Provided | 2026-06-15 | 2026-06-16 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Application Server | 9.2.0.7 | |||
| Application | Oracle | Application Server | 9.2.0.6 | |||
| Application | Oracle | Application Server | 9.0.4.3 | |||
| Application | Oracle | Application Server | 9.0.4.2 | |||
| Application | Oracle | Application Server | 9.0.4.1 | |||
| Application | Oracle | Application Server | 9.0.4.0 | |||
| Application | Oracle | Application Server | 9.0.4 | |||
| Application | Oracle | Application Server | 9.0.3.1 | |||
| Application | Oracle | Application Server | 9.0.3 | |||
| Application | Oracle | Application Server | 9.0.2.3 | |||
| Application | Oracle | Application Server | 9.0.2.2 | |||
| Application | Oracle | Application Server | 9.0.2.1 | |||
| Application | Oracle | Application Server | 9.0.2.0.1 | |||
| Application | Oracle | Application Server | 9.0.2.0.0 | |||
| Application | Oracle | Application Server | 9.0.2 | |||
| Application | Oracle | Application Server | 9.0.2 | |||
| Application | Oracle | Application Server | 9.0 | |||
| Application | Oracle | Application Server | 8.1.7 | |||
| Application | Oracle | Application Server | 7.0.4.4 | |||
| Application | Oracle | Application Server | 4.0.8.2 |