Every CVE whose affected-product data names Oracle Forms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2005-1178 — CVSS 7.5 (high): SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.
CVE-2005-2372 — CVSS 7.2 (high): Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which…
CVE-2019-2886 — CVSS 6.1 (medium): Vulnerability in the Oracle Forms product of Oracle Fusion Middleware (component: Services). The supported version that is affected is…
CVE-2005-3207 — CVSS 5.0 (medium): The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial of service (TNS listener stop) via a…
CVE-2005-2294 — CVSS 2.1 (low): Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database…