Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3589 | 1 Oracle | 1 Flexcube Direct Banking | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Applications 12.0.1, 12.0.2, and 12.0.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2015-3330 | 4 Apple, Oracle, Php and 1 more | 11 Mac Os X, Linux, Solaris and 8 more | 2025-04-12 | 6.8 MEDIUM | N/A |
|
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter."
|
|||||
| CVE-2016-3486 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.
|
|||||
| CVE-2015-0446 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
|
|||||
| CVE-2016-3960 | 3 Fedoraproject, Oracle, Xen | 3 Fedora, Vm Server, Xen | 2025-04-12 | 7.2 HIGH | 8.8 HIGH |
|
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
|
|||||
| CVE-2015-0473 | 1 Oracle | 1 Enterprise Manager Grid Control | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control MOS 12.1.0.5 and 12.1.0.6 allows remote attackers to affect integrity via unknown vectors related to My Oracle Support Plugin.
|
|||||
| CVE-2015-1351 | 3 Apple, Oracle, Php | 5 Mac Os X, Linux, Secure Backup and 2 more | 2025-04-12 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2016-5635 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.
|
|||||
| CVE-2016-0673 | 1 Oracle | 1 Siebel Ui Framework | 2025-04-12 | 4.9 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI.
|
|||||
| CVE-2015-2639 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.
|
|||||
| CVE-2014-2422 | 1 Oracle | 3 Javafx, Jdk, Jre | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2.51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2016-3501 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
|
|||||
| CVE-2015-0389 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592.
|
|||||
| CVE-2016-0663 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | 4.7 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema.
|
|||||
| CVE-2016-0469 | 1 Oracle | 1 Micros C2 | 2025-04-12 | 4.6 MEDIUM | 5.5 MEDIUM |
|
Unspecified vulnerability in the Oracle Retail MICROS C2 component in Oracle Retail Applications 9.89.0.0 allows local users to affect confidentiality via vectors related to POS.
|
|||||
| CVE-2014-4264 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.
|
|||||
| CVE-2016-1957 | 4 Mozilla, Novell, Opensuse and 1 more | 6 Firefox, Thunderbird, Suse Package Hub For Suse Linux Enterprise and 3 more | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
|
|||||
| CVE-2015-4740 | 1 Oracle | 1 Database Server | 2025-04-12 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2015-4751 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
|
|||||
| CVE-2016-5488 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445.
|
|||||
| CVE-2016-3472 | 1 Oracle | 1 Siebel Engineering-installer And Deployment | 2025-04-12 | 3.5 LOW | 5.7 MEDIUM |
|
Unspecified vulnerability in the Siebel Engineering - Installer and Deployment component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Web Server.
|
|||||
| CVE-2016-0581 | 1 Oracle | 1 Approvals Management | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Approvals Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to AME Page rendering.
|
|||||
| CVE-2016-3586 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3510.
|
|||||
| CVE-2015-4774 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 3.3 LOW | N/A |
|
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4779 and CVE-2015-4788.
|
|||||
| CVE-2016-0531 | 1 Oracle | 1 Applications Manager | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Oracle Diagnostics Interfaces.
|
|||||
| CVE-2014-0191 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
|
|||||
| CVE-2014-9660 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 7.5 HIGH | N/A |
|
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
|
|||||
| CVE-2014-9659 | 5 Canonical, Fedoraproject, Freetype and 2 more | 5 Ubuntu Linux, Fedora, Freetype and 2 more | 2025-04-12 | 7.5 HIGH | N/A |
|
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
|
|||||
| CVE-2016-0598 | 6 Canonical, Debian, Mariadb and 3 more | 16 Ubuntu Linux, Debian Linux, Mariadb and 13 more | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
|
|||||
| CVE-2016-6662 | 5 Debian, Mariadb, Oracle and 2 more | 12 Debian Linux, Mariadb, Mysql and 9 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the af ...
Show More |
|||||
| CVE-2016-5475 | 1 Oracle | 1 Retail Service Backbone | 2025-04-12 | 8.0 HIGH | 7.6 HIGH |
|
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
|
|||||
| CVE-2015-7547 | 10 Canonical, Debian, F5 and 7 more | 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more | 2025-04-12 | 6.8 MEDIUM | 8.1 HIGH |
|
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
|
|||||
| CVE-2016-3474 | 1 Oracle | 1 Business Intelligence Publisher | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
|
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality via vectors related to Security.
|
|||||
| CVE-2016-3575 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 9.0 HIGH | 8.6 HIGH |
|
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and C ...
Show More |
|||||
| CVE-2016-0403 | 1 Oracle | 1 Solaris | 2025-04-12 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB Utilities.
|
|||||
| CVE-2016-0405 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2025-04-12 | 1.7 LOW | N/A |
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect confidentiality via vectors related to Cluster Manageability and Serviceability.
|
|||||
| CVE-2014-2469 | 1 Oracle | 1 Sunos | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in lighttpd in Oracle Solaris 11.1 allows attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2014-6585 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 2.6 LOW | N/A |
|
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.
|
|||||
| CVE-2015-0423 | 2 Novell, Oracle | 5 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit and 2 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
|
|||||
| CVE-2014-4206 | 1 Oracle | 1 Hyperion | 2025-04-12 | 3.3 LOW | N/A |
|
Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows local users to affect integrity and availability via unknown vectors related to Data Synchronizer.
|
|||||