Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0428 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.
|
|||||
| CVE-2010-3833 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 5.0 MEDIUM | N/A |
|
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
|
|||||
| CVE-2011-3568 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Security.
|
|||||
| CVE-2013-1557 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDe ...
Show More |
|||||
| CVE-2011-0805 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the UIX component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2010-2397 | 1 Oracle | 2 Glassfish Server, Java System Application Server | 2025-04-11 | 2.4 LOW | N/A |
|
Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.
|
|||||
| CVE-2012-0532 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Config Management.
|
|||||
| CVE-2013-2566 | 4 Canonical, Fujitsu, Mozilla and 1 more | 24 Ubuntu Linux, M10-1, M10-1 Firmware and 21 more | 2025-04-11 | 4.3 MEDIUM | 5.9 MEDIUM |
|
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
|
|||||
| CVE-2011-3562 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2014-0416 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
|
|||||
| CVE-2012-1749 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps.
|
|||||
| CVE-2013-2405 | 1 Oracle | 1 Primavera Products Suite | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 7.0, 8.1, and 8.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Access.
|
|||||
| CVE-2013-2393 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 1.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
|
|||||
| CVE-2013-2418 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2013-2452 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network add ...
Show More |
|||||
| CVE-2013-3777 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon.
|
|||||
| CVE-2013-2470 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors relat ...
Show More |
|||||
| CVE-2011-0804 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2013-5894 | 1 Oracle | 1 Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
|
|||||
| CVE-2012-0073 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Forms component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2011-0836 | 1 Oracle | 6 Enterpriseone Tools, Jd Edwards Enterpriseone, Jd Edwards Enterpriseone Ep and 3 more | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
|
|||||
| CVE-2013-5896 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.
|
|||||
| CVE-2013-2389 | 3 Mariadb, Oracle, Redhat | 6 Mariadb, Mysql, Enterprise Linux Desktop and 3 more | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
|
|||||
| CVE-2013-5814 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
|
|||||
| CVE-2010-2381 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0081.
|
|||||
| CVE-2012-0535 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Change Password Page.
|
|||||
| CVE-2010-3598 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility.
|
|||||
| CVE-2013-2448 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors re ...
Show More |
|||||
| CVE-2013-5767 | 1 Oracle | 1 Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
|||||
| CVE-2012-3201 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Products 9.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Self-Service (Student Records).
|
|||||
| CVE-2013-5890 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception Reporting.
|
|||||
| CVE-2011-2318 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 1.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security.
|
|||||
| CVE-2012-1771 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
|
|||||
| CVE-2014-0435 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, and 6.3.2 allows remote authenticated users to affect availability via unknown vectors related to Data, Domain & Function Security.
|
|||||
| CVE-2012-3190 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity, related to UWQ Server Issues.
|
|||||
| CVE-2013-0425 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another ...
Show More |
|||||
| CVE-2011-3514 | 1 Oracle | 2 Jd Edwards Enterpriseone Tools, Jd Edwards Products | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect integrity, related to Enterprise Infrastructure SEC (JDENET).
|
|||||
| CVE-2012-1719 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.
|
|||||
| CVE-2013-5820 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
|
|||||
| CVE-2013-0448 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries.
|
|||||