No results found

Your search did not match any results.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Try one of the popular searches shown below.
  • Start a new search.
Trending Questions

How to Report Security Vulnerabilities to Oracle

If you are an Oracle customer or partner, please use My Oracle Support to submit a service request for any security vulnerability you believe you have discovered in an Oracle product. If you are not a customer or partner, please email with your discovery. We encourage people who contact Oracle Security to use email encryption using our encryption key.

Oracle values the members of the independent security research community who find security vulnerabilities and work with Oracle so that security fixes can be issued to all customers. Oracle's policy is to credit all researchers in the Critical Patch Update Advisory document when a fix for the reported security bug is issued. In order to receive credit, security researchers must follow responsible disclosure practices, including:

  • They do not publish the vulnerability prior to Oracle releasing a fix for it
  • They do not divulge exact details of the issue, for example, through exploits or proof-of-concept code

Oracle does not credit employees or contractors of Oracle and its subsidiaries for vulnerabilities they have found.