Vulnerability Database

316,882

Total vulnerabilities in the database

CVE-2024-21174

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).

Published: Jul 16, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-21174
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.1
AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

CWEs:

CWE-770

Affected Software
References

Software	From	Fixed in
oracle / database_server	19.3	19.23.x
oracle / database_server	23.4	23.4.x
oracle / database_server	21.3	21.14.x

https://www.oracle.com/security-alerts/cpujul2024.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo