VDB
NCSC-2025-0334
NCSC-2025-0334
PUBLISHED
CVSS 7.5 HIGH
Oracle heeft kwetsbaarheden verholpen in Oracle Fusion Middleware componenten.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| vers:unknown/* |
Exploit Intelligence
- Apache's commons-lang2 v2.6 with a backported fix for CVE-2025-48924 (github-poc)
- CVE-2025-27817 (github-poc)
- CVE-2025-48734 - Affects Apache Commons BeanUtils in versions prior to 1.11.0 (and the 2.x branch before 2.0.0-M2). (github-poc-repo)
- CVE-2025-61757 (github-poc)
- Oracle Identity Manager 远程代码执行漏洞CVE-2025-61757 (github-poc)
- CVE-2025-48976_CVE-2025-48988 (github-poc)
- CVE-2025-48734 - Affects Apache Commons BeanUtils in versions prior to 1.11.0 (and the 2.x branch before 2.0.0-M2). (github-poc)
- Apache Kafka客户端未对用户输入进行严格验证和限制,未经身份验证的攻击者可通过构造恶意配置读取环境变量或磁盘任意内容,或向非预期位置发送请求,提升REST API的文件系统/环境/URL访问权限。 (github-poc)
- CVE-2025-27817 (github-poc)
- exploit for CVE-2025-27533, a Denial of Service (DoS) vulnerability in Apache ActiveMQ (github-poc)
…and 31 more exploits
Timeline
- Oct 23, 2025 CVE Published
- Nov 21, 2025 CVE Updated