Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7142 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Solaris, Squid | 2025-04-12 | 6.4 MEDIUM | N/A |
|
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
|
|||||
| CVE-2016-2799 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2025-04-12 | 9.3 HIGH | 8.8 HIGH |
|
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
|
|||||
| CVE-2016-5466 | 1 Oracle | 1 Siebel Core-server Framework | 2025-04-12 | 4.3 MEDIUM | 3.7 LOW |
|
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors related to Services, a different vulnerability than CVE-2016-3450 and CVE-2016-5460.
|
|||||
| CVE-2016-0697 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 3.6 LOW | 6.0 MEDIUM |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2014-2464 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2015-0453 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 3.3 LOW | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via vectors related to PORTAL.
|
|||||
| CVE-2016-8287 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | 4.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
|
|||||
| CVE-2015-4750 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.2 allows remote attackers to affect availability via vectors related to LDOM Manager.
|
|||||
| CVE-2016-5464 | 1 Oracle | 1 Siebel Ui Framework | 2025-04-12 | 3.5 LOW | 4.1 MEDIUM |
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5463.
|
|||||
| CVE-2016-3478 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing.
|
|||||
| CVE-2015-0461 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 7.0 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Authentication Engine.
|
|||||
| CVE-2016-5607 | 1 Oracle | 1 Flexcube Universal Banking | 2025-04-12 | 6.5 MEDIUM | 8.8 HIGH |
|
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to INFRA.
|
|||||
| CVE-2015-2572 | 2 Microsoft, Oracle | 2 Windows, Hyperion Smart View For Office | 2025-04-12 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Hyperion Smart View for Office component in Oracle Hyperion 11.1.2.5.216 and earlier, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
|
|||||
| CVE-2016-5554 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
|
|||||
| CVE-2016-0583 | 1 Oracle | 1 Crm Technical Foundation | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0582, and CVE-2016-0584.
|
|||||
| CVE-2014-4287 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.
|
|||||
| CVE-2016-1714 | 3 Oracle, Qemu, Redhat | 3 Linux, Qemu, Openstack | 2025-04-12 | 6.9 MEDIUM | 8.1 HIGH |
|
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
|
|||||
| CVE-2016-5601 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 3.3 LOW | 6.3 MEDIUM |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
|
|||||
| CVE-2016-0513 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components.
|
|||||
| CVE-2016-0618 | 1 Oracle | 1 Solaris | 2025-04-12 | 1.4 LOW | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones.
|
|||||
| CVE-2014-6487 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.
|
|||||
| CVE-2015-8126 | 9 Apple, Canonical, Debian and 6 more | 21 Mac Os X, Ubuntu Linux, Debian Linux and 18 more | 2025-04-12 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
|
|||||
| CVE-2016-0508 | 1 Oracle | 1 Ilearning | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Administration.
|
|||||
| CVE-2016-0425 | 1 Oracle | 1 Jd Edwards Products | 2025-04-12 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Monitoring and Diagnostics.
|
|||||
| CVE-2014-6480 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to System management.
|
|||||
| CVE-2015-4827 | 1 Oracle | 1 Retail Applications | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework.
|
|||||
| CVE-2015-3811 | 2 Oracle, Wireshark | 3 Linux, Solaris, Wireshark | 2025-04-12 | 5.0 MEDIUM | N/A |
|
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.
|
|||||
| CVE-2015-0449 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console.
|
|||||
| CVE-2015-4837 | 1 Oracle | 1 Solaris | 2025-04-12 | 6.6 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security.
|
|||||
| CVE-2016-0667 | 1 Oracle | 1 Mysql | 2025-04-12 | 2.8 LOW | 4.4 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.
|
|||||
| CVE-2015-2630 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Technology stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Applet startup.
|
|||||
| CVE-2016-0563 | 1 Oracle | 1 Crm Technical Foundation | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Techstack.
|
|||||
| CVE-2016-0705 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
|
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
|
|||||
| CVE-2015-4905 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.
|
|||||
| CVE-2016-0406 | 1 Oracle | 1 Solaris | 2025-04-12 | 3.3 LOW | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc.
|
|||||
| CVE-2016-5628 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.
|
|||||
| CVE-2016-0671 | 1 Oracle | 1 Http Server | 2025-04-12 | 2.6 LOW | 3.7 LOW |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.
|
|||||
| CVE-2015-1793 | 2 Openssl, Oracle | 4 Openssl, Jd Edwards Enterpriseone Tools, Opus 10g Ethernet Switch Family and 1 more | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
|
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
|
|||||
| CVE-2014-6533 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1 and 6.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
|
|||||
| CVE-2015-6244 | 2 Oracle, Wireshark | 3 Linux, Solaris, Wireshark | 2025-04-12 | 4.3 MEDIUM | N/A |
|
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||