Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle
Angry Yack Logo
Total 10321 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4423 2 Microsoft, Oracle 2 Windows, Database Server 2025-04-11 6.9 MEDIUM N/A
Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2012-3200 1 Oracle 1 Supply Chain Products Suite 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1.1 allows remote authenticated users to affect confidentiality, related to ROLESPRV.
CVE-2012-0514 1 Oracle 1 Peoplesoft Products 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality, related to SEC.
CVE-2012-1682 1 Oracle 2 Jdk, Jre 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."
CVE-2013-1489 5 Google, Microsoft, Mozilla and 2 more 6 Chrome, Internet Explorer, Firefox and 3 more 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.
CVE-2011-3509 1 Oracle 2 Jd Edwards Enterpriseone Tools, Jd Edwards Products 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-2326, and CVE-2011-3524.
CVE-2010-2379 1 Oracle 1 Peoplesoft And Jdedwards Suite Hcm 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time & Labor component in Oracle PeopleSoft and JDEdwards Suite HCM 9.0 Bundle #13 and HCM 9.1 Bundle #2 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2012-0579 1 Oracle 1 Financial Services Software 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Core.
CVE-2013-1568 1 Oracle 1 Financial Services Software 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 5.3.3, 6.0.1, and 6.2.0 allows remote authenticated users to affect availability via unknown vectors related to CB.
CVE-2013-5871 1 Oracle 1 Supply Chain Products Suite 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and CVE-2014-0444.
CVE-2010-4436 1 Oracle 1 Sunmc 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Web Console.
CVE-2010-2370 1 Oracle 1 Fusion Middleware 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM.
CVE-2013-5832 2 Oracle, Sun 4 Jdk, Jre, Jdk and 1 more 2025-04-11 9.3 HIGH N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5852.
CVE-2012-1677 1 Oracle 1 Fusion Middleware 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors.
CVE-2011-2292 1 Oracle 1 Solaris 2025-04-11 2.4 LOW N/A
Unspecified vulnerability in Oracle Solaris 9 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to xscreensaver.
CVE-2013-3837 2 Oracle, Sun 2 Sunos, Sunos 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao.
CVE-2013-1545 1 Oracle 1 Fusion Middleware 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.
CVE-2013-3827 1 Oracle 1 Fusion Middleware 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.
CVE-2013-0373 1 Oracle 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features.
CVE-2013-1538 1 Oracle 1 Database Server 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.
CVE-2012-3148 1 Oracle 1 E-business Suite 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity, related to Wireless/WAP upload.
CVE-2010-2087 3 Caucho, Ibm, Oracle 3 Resin, Websphere Application Server, Mojarra 2025-04-11 4.3 MEDIUM N/A
Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
CVE-2010-3585 1 Oracle 1 Vm 2025-04-11 9.0 HIGH N/A
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of unspecified functions using XML-RPC.
CVE-2011-0807 2 Oracle, Sun 2 Glassfish Server, Java System Application Server 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration.
CVE-2012-1712 1 Oracle 1 Glassfish Web Space Server10.0 2025-04-11 10.0 HIGH N/A
Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors.
CVE-2013-3763 1 Oracle 1 Fusion Middleware 2025-04-11 5.5 MEDIUM N/A
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764.
CVE-2012-3114 1 Oracle 1 Supply Chain Products Suite 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote attackers to affect integrity via unknown vectors.
CVE-2013-0369 1 Oracle 1 Peoplesoft Products 2025-04-11 5.5 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Query.
CVE-2011-5035 1 Oracle 1 Glassfish Server 2025-04-11 5.0 MEDIUM N/A
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
CVE-2012-0114 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-11 3.0 LOW N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
CVE-2010-2415 1 Oracle 1 Database Server 2025-04-11 4.9 MEDIUM N/A
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH.
CVE-2012-3218 1 Oracle 1 E-business Suite 2025-04-11 5.5 MEDIUM N/A
Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security Groups.
CVE-2012-5383 1 Oracle 1 Mysql 2025-04-11 6.2 MEDIUM N/A
Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, ...

Show More
CVE-2010-3654 7 Adobe, Apple, Google and 4 more 9 Acrobat, Acrobat Reader, Flash Player and 6 more 2025-04-11 9.3 HIGH N/A
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
CVE-2010-3505 1 Oracle 1 Supply Chain Products Suite 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders, Files & Attachments, a different vulnerability than CVE-2010-4429.
CVE-2010-2392 1 Oracle 2 Opensolaris, Solaris 2025-04-11 5.6 MEDIUM N/A
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect integrity and availability, related to ZFS.
CVE-2013-0386 3 Canonical, Mariadb, Oracle 3 Ubuntu Linux, Mariadb, Mysql 2025-04-11 6.8 MEDIUM N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
CVE-2010-0083 1 Oracle 1 Opensolaris 2025-04-11 7.6 HIGH N/A
Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2012-3158 5 Canonical, Debian, Mariadb and 2 more 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more 2025-04-11 7.5 HIGH N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
CVE-2012-1690 3 Mariadb, Oracle, Redhat 6 Mariadb, Mysql, Enterprise Linux Desktop and 3 more 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.