Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle
Angry Yack Logo
Total 10321 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-4232 1 Oracle 2 Virtualization, Virtualization Secure Global Desktop 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463.
CVE-2016-0509 1 Oracle 1 E-business Suite 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AP Web Utilities.
CVE-2014-6471 1 Oracle 1 E-business Suite 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to OAM Diagnostics.
CVE-2014-6587 1 Oracle 2 Jdk, Jre 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2014-2439 1 Oracle 1 Virtualization 2025-04-12 6.4 MEDIUM N/A
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.
CVE-2014-4245 1 Oracle 1 Database Server 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2013-7421 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2025-04-12 2.1 LOW N/A
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.
CVE-2014-6560 1 Oracle 1 Database Server 2025-04-12 9.0 HIGH N/A
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6467, and CVE-2014-6545.
CVE-2015-0470 1 Oracle 2 Jdk, Jre 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
CVE-2015-2625 1 Oracle 3 Jdk, Jre, Jrockit 2025-04-12 2.6 LOW N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
CVE-2016-3504 1 Oracle 1 Jdeveloper 2025-04-12 7.5 HIGH 9.8 CRITICAL
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces.
CVE-2015-0421 2 Novell, Oracle 3 Suse Linux Enterprise Desktop, Jdk, Jre 2025-04-12 6.9 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process.
CVE-2016-3158 3 Fedoraproject, Oracle, Xen 3 Fedora, Vm Server, Xen 2025-04-12 1.7 LOW 3.8 LOW
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076.
CVE-2014-9750 4 Debian, Ntp, Oracle and 1 more 6 Debian Linux, Ntp, Linux and 3 more 2025-04-12 5.8 MEDIUM N/A
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.
CVE-2016-5631 1 Oracle 1 Mysql 2025-04-12 4.0 MEDIUM 4.9 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.
CVE-2014-6590 2 Opensuse, Oracle 2 Opensuse, Vm Virtualbox 2025-04-12 3.2 LOW N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6595, and CVE-2015-0427.
CVE-2016-3434 1 Oracle 1 Application Object Library 2025-04-12 4.3 MEDIUM 4.7 MEDIUM
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Logout.
CVE-2014-0463 1 Oracle 2 Jdk, Jre 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0464.
CVE-2014-2491 1 Oracle 1 Siebel Crm 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework, a different vulnerability than CVE-2014-4205.
CVE-2015-0464 1 Oracle 1 Supply Chain Products Suite 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote attackers to affect confidentiality via unknown vectors related to Security.
CVE-2015-8668 3 Libtiff, Oracle, Redhat 6 Libtiff, Linux, Vm Server and 3 more 2025-04-12 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVE-2015-2729 2 Mozilla, Oracle 4 Firefox, Firefox Esr, Thunderbird and 1 more 2025-04-12 5.0 MEDIUM N/A
The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2016-3579 1 Oracle 1 Outside In Technology 2025-04-12 9.0 HIGH 8.6 HIGH
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and C ...

Show More
CVE-2016-5506 1 Oracle 1 Identity Manager 2025-04-12 3.3 LOW 3.1 LOW
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server.
CVE-2014-6582 1 Oracle 1 E-business Suite 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation.
CVE-2014-2486 1 Oracle 1 Vm Virtualbox 2025-04-12 3.0 LOW N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2477.
CVE-2015-6246 2 Oracle, Wireshark 3 Linux, Solaris, Wireshark 2025-04-12 4.3 MEDIUM N/A
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2016-3497 1 Oracle 1 Solaris 2025-04-12 4.9 MEDIUM 5.5 MEDIUM
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471.
CVE-2016-5557 1 Oracle 1 Advanced Pricing 2025-04-12 5.8 MEDIUM 8.2 HIGH
Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
CVE-2015-4797 1 Oracle 1 Supply Chain Products Suite 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security.
CVE-2016-3464 1 Oracle 1 Flexcube Direct Banking 2025-04-12 4.0 MEDIUM 5.7 MEDIUM
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts.
CVE-2015-2570 1 Oracle 1 Supply Chain Products Suite 2025-04-12 6.5 MEDIUM N/A
Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security.
CVE-2016-3614 2 Canonical, Oracle 2 Ubuntu Linux, Mysql 2025-04-12 3.5 LOW 5.3 MEDIUM
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.
CVE-2016-5386 4 Fedoraproject, Golang, Oracle and 1 more 6 Fedora, Go, Linux and 3 more 2025-04-12 6.8 MEDIUM 8.1 HIGH
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
CVE-2014-4228 1 Oracle 1 Vm Virtualbox 2025-04-12 4.4 MEDIUM N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.
CVE-2016-3571 1 Oracle 1 Primavera P6 Enterprise Project Portfolio Management 2025-04-12 5.8 MEDIUM 6.1 MEDIUM
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3569, CVE-2016-3570, and CVE-2016-3573.
CVE-2016-0684 1 Oracle 1 Micros Arspos 2025-04-12 6.8 MEDIUM 6.5 MEDIUM
Unspecified vulnerability in the Oracle Retail MICROS ARS POS component in Oracle Retail Applications 1.5 allows remote authenticated users to affect confidentiality via vectors related to POS.
CVE-2016-3435 1 Oracle 1 Peoplesoft Enterprise Peopletools 2025-04-12 4.3 MEDIUM 4.7 MEDIUM
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology.
CVE-2016-0450 1 Oracle 1 Goldengate 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors.
CVE-2014-8559 6 Canonical, Linux, Novell and 3 more 11 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 8 more 2025-04-12 4.9 MEDIUM 5.5 MEDIUM
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.