Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle
Angry Yack Logo
Total 10321 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5576 1 Oracle 1 Solaris 2025-04-12 4.9 MEDIUM 5.5 MEDIUM
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones.
CVE-2015-4490 4 Canonical, Mozilla, Opensuse and 1 more 4 Ubuntu Linux, Firefox, Opensuse and 1 more 2025-04-12 4.3 MEDIUM N/A
The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.
CVE-2014-2467 1 Oracle 1 Supply Chain Products Suite 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2014-2445.
CVE-2016-3422 1 Oracle 2 Jdk, Jre 2025-04-12 5.0 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.
CVE-2016-0584 1 Oracle 1 Customer Relationship Management Technical Foundation 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0582, and CVE-2016-0583.
CVE-2014-6598 1 Oracle 1 Communications Applications 2025-04-12 7.6 HIGH N/A
Unspecified vulnerability in the Oracle Communications Diameter Signaling Router component in Oracle Communications Applications 3.x, 4.x, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Signaling - DPI.
CVE-2015-4761 2 Canonical, Oracle 2 Ubuntu Linux, Mysql 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
CVE-2016-3505 1 Oracle 1 Weblogic Server 2025-04-12 9.0 HIGH 8.8 HIGH
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces.
CVE-2015-0420 1 Oracle 1 Fusion Middleware 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services.
CVE-2016-0498 1 Oracle 1 Agile Engineering Data Management 2025-04-12 1.5 LOW N/A
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.2.2, 6.1.3.0, and 6.2.0.0 allows local users to affect confidentiality via unknown vectors related to Install.
CVE-2014-6592 1 Oracle 1 Fusion Middleware 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389.
CVE-2016-6663 3 Mariadb, Oracle, Percona 4 Mariadb, Mysql, Percona Server and 1 more 2025-04-12 4.4 MEDIUM 7.0 HIGH
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a M ...

Show More
CVE-2016-3448 1 Oracle 1 Application Express 2025-04-12 5.8 MEDIUM 6.1 MEDIUM
Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors.
CVE-2014-2468 1 Oracle 1 Siebel Crm 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Open_UI, a different vulnerability than CVE-2014-4230.
CVE-2015-8386 4 Fedoraproject, Oracle, Pcre and 1 more 4 Fedora, Linux, Perl Compatible Regular Expression Library and 1 more 2025-04-12 7.5 HIGH 9.8 CRITICAL
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
CVE-2016-3081 2 Apache, Oracle 2 Struts, Siebel E-billing 2025-04-12 9.3 HIGH 8.1 HIGH
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
CVE-2016-3441 1 Oracle 1 Solaris 2025-04-12 7.2 HIGH 7.8 HIGH
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem.
CVE-2013-6438 3 Apache, Canonical, Oracle 3 Http Server, Ubuntu Linux, Http Server 2025-04-12 5.0 MEDIUM N/A
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
CVE-2015-4731 1 Oracle 2 Jdk, Jre 2025-04-12 10.0 HIGH N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVE-2015-0388 1 Oracle 1 Siebel Crm 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417.
CVE-2016-1977 5 Mozilla, Opensuse, Oracle and 2 more 6 Firefox, Leap, Opensuse and 3 more 2025-04-12 6.8 MEDIUM 8.8 HIGH
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
CVE-2015-0508 1 Oracle 1 Mysql 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0506.
CVE-2014-2408 1 Oracle 1 Database Server 2025-04-12 6.6 MEDIUM N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."
CVE-2015-0383 7 Canonical, Debian, Fedoraproject and 4 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2025-04-12 5.4 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
CVE-2016-8293 1 Oracle 1 Peoplesoft Enterprise Peopletools 2025-04-12 5.8 MEDIUM 8.2 HIGH
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability than CVE-2016-5529 and CVE-2016-5530.
CVE-2015-0362 1 Oracle 1 Fusion Middleware 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to BI Publisher Security.
CVE-2015-3294 2 Oracle, Thekelleys 2 Solaris, Dnsmasq 2025-04-12 6.4 MEDIUM N/A
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request.
CVE-2014-0450 1 Oracle 1 Fusion Middleware 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection.
CVE-2016-3480 1 Oracle 1 Solaris Cluster 2025-04-12 4.9 MEDIUM 4.4 MEDIUM
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql.
CVE-2016-5690 2 Imagemagick, Oracle 2 Imagemagick, Solaris 2025-04-12 7.5 HIGH 9.8 CRITICAL
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVE-2014-0397 1 Oracle 1 Solaris 2025-04-12 10.0 HIGH N/A
Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."
CVE-2016-3487 1 Oracle 1 Webcenter Sites 2025-04-12 10.0 HIGH 8.1 HIGH
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2015-7940 3 Bouncycastle, Opensuse, Oracle 7 Bouncy Castle Crypto Package, Leap, Opensuse and 4 more 2025-04-12 5.0 MEDIUM N/A
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
CVE-2016-0436 1 Oracle 1 Retail Applications 2025-04-12 1.9 LOW N/A
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0437, and CVE-2016-0438.
CVE-2014-6539 1 Oracle 1 E-business Suite 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6472.
CVE-2016-3551 1 Oracle 1 Weblogic Server 2025-04-12 10.0 HIGH 9.8 CRITICAL
Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack.
CVE-2014-6478 4 Juniper, Mariadb, Oracle and 1 more 8 Junos Space, Mariadb, Mysql and 5 more 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
CVE-2016-0674 1 Oracle 1 Siebel Core-common Components 2025-04-12 3.2 LOW 4.4 MEDIUM
Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email.
CVE-2016-3576 1 Oracle 1 Outside In Technology 2025-04-12 9.0 HIGH 8.6 HIGH
Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and C ...

Show More
CVE-2014-2449 1 Oracle 1 Peoplesoft Products 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise HRMS Talent Acquisition Manager component in Oracle PeopleSoft Products 9.0, 9.1, and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.