Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle
Angry Yack Logo
Total 10321 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5459 1 Oracle 1 Bea Product Suite 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2009-0994 1 Oracle 1 Application Server 2025-04-09 4.0 MEDIUM N/A
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017.
CVE-2008-3981 1 Oracle 1 Secure Backup 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2009-3405 1 Oracle 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise 2025-04-09 4.1 MEDIUM N/A
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.98.1.4 allows remote authenticated users to affect integrity and availability via unknown vectors.
CVE-2008-2595 1 Oracle 2 Database 10g, Database 9i 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.
CVE-2008-5460 1 Oracle 1 Bea Product Suite 2025-04-09 2.6 LOW N/A
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2007-0278 1 Oracle 1 Database Server 2025-04-09 6.8 MEDIUM N/A
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14).
CVE-2006-7158 1 Oracle 1 Apex 2025-04-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Oracle Application Express (APEX) before 2.2.1, aka Oracle HTML DB, allows remote attackers to inject arbitrary web script or HTML via the NOTIFICATION_MSG parameter. NOTE: it is likely that this issue overlaps one of the identifiers in CVE-2006-5351.
CVE-2008-0870 2 Bea Systems, Oracle 2 Weblogic Portal, Weblogic Portal 2025-04-09 7.5 HIGH N/A
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.
CVE-2008-3976 1 Oracle 2 Database 10g, Database 9i 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414.
CVE-2006-5366 1 Oracle 1 Application Server 2025-04-09 10.0 HIGH N/A
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and remote attack vectors related to (1) Oracle Containers for J2EE, aka Vuln# OC4J01, and (2) Oracle Process Mgmt & Notification, aka OPMN01.
CVE-2009-3410 1 Oracle 1 Database Server 2025-04-09 3.6 LOW N/A
Unspecified vulnerability in the RDBMS component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2008-3989 1 Oracle 1 Database 10g 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability, related to DMSYS.ODM_MODEL_UTIL.
CVE-2008-3983 1 Oracle 3 Database 10g, Database 11i, Database 9i 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.
CVE-2008-1829 1 Oracle 2 Enterpriseone, Peoplesoft Enterprise 2025-04-09 9.0 HIGH N/A
Unspecified vulnerability in the PeopleSoft HCM Recruiting component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1 has unknown impact and remote attack vectors, aka PSE02.
CVE-2006-5349 1 Oracle 1 Http Server 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07.
CVE-2006-5351 1 Oracle 1 Apex 2025-04-09 9.0 HIGH N/A
Multiple unspecified vulnerabilities in Oracle Application Express (formerly Oracle HTML DB) 1.5 up to 2.0 have unknown impact and remote attack vectors, aka Vuln# (1) APEX01, (2) APEX02, (3) APEX03, (4) APEX05, (5) APEX06, (6) APEX07, (7) APEX08, (8) APEX09, (9) APEX10, (10) APEX11, (11) APEX12, (12) APEX13, (13) APEX14, (14) APEX15, (15) APEX16, (16) APEX17, (17) APEX18, (18) APEX19, (19) APEX22, (20) APEX23, (21) APEX24, (22) APEX25, (23) APEX26, (24) APEX27, (25) APEX28, (26) APEX29, (27) AP ...

Show More
CVE-2009-3406 1 Oracle 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise 2025-04-09 2.7 LOW N/A
Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.98.2.1 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2007-5519 1 Oracle 2 Application Server, Collaboration Suite 2025-04-09 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS04.
CVE-2008-1828 2 Jdedwards, Oracle 2 Enterpriseone, Peoplesoft Enterprise 2025-04-09 9.0 HIGH N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.19, 8.48.16, and 8.49.09 has unknown impact and remote authenticated attack vectors, aka PSE01.
CVE-2006-5365 1 Oracle 2 Application Server, E-business Suite 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors, aka Vuln# FORM02.
CVE-2009-0977 1 Oracle 2 Database 10g, Database 9i 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package.
CVE-2008-3994 1 Oracle 3 Database 10g, Database 11i, Database 9i 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.
CVE-2006-5332 1 Oracle 1 Database Server 2025-04-09 9.0 HIGH N/A
Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln# DB01. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB01 is for PL/SQL injection in the ENABLE_HIERARCHY_INTERNAL procedure.
CVE-2008-3985 1 Oracle 1 E-business Suite 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2007-3869 1 Oracle 1 Peoplesoft Enterprise 2025-04-09 7.5 HIGH N/A
Multiple unspecified vulnerabilities in the Customer Relationship Management Online Marketing component in Oracle PeopleSoft Enterprise 8.9 Bundle 26 and 9.0 Bundle 7 allow remote authenticated users to have an unknown impact, aka (1) PSE04 and (2) PSE05.
CVE-2009-0973 1 Oracle 1 Database 10g 2025-04-09 5.0 MEDIUM N/A
Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors.
CVE-2007-3861 1 Oracle 2 Application Server, Collaboration Suite 2025-04-09 7.5 HIGH N/A
Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01.
CVE-2006-5334 1 Oracle 1 Database Server 2025-04-09 7.1 HIGH N/A
Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function.
CVE-2007-2122 1 Oracle 1 Application Server 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03.
CVE-2010-0080 1 Oracle 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise 2025-04-09 4.9 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle, #21 and 9.0 Bundle #11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2007-0289 1 Oracle 1 Application Server 2025-04-09 6.4 MEDIUM N/A
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06.
CVE-2007-5554 1 Oracle 1 Database Server 2025-04-09 7.1 HIGH N/A
Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2008-2617 1 Oracle 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.
CVE-2008-5454 1 Oracle 2 E-business Suite 11i, E-business Suite 12 2025-04-09 4.9 MEDIUM N/A
Unspecified vulnerability in the iProcurement component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2007-2125 1 Oracle 1 Collaboration Suite 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in Collaborative Workspace in Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka OCS01.
CVE-2006-5356 1 Oracle 2 Application Server, Collaboration Suite 2025-04-09 10.0 HIGH N/A
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J02.
CVE-2007-5509 1 Oracle 1 Database Server 2025-04-09 6.5 MEDIUM N/A
Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06.
CVE-2006-5364 1 Oracle 2 Application Server, Collaboration Suite 2025-04-09 2.1 LOW N/A
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln# OC4J05.
CVE-2008-1811 1 Oracle 1 Application Express 2025-04-09 5.5 MEDIUM N/A
Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows_030000.wwv_execute_immediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that APEX01 is for insufficient authorization checks for SQL commands in the run_ddl function in flows_030000.wwv_execute_immediate, allowing privilege escalation by certain non-DBA remote a ...

Show More