Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4581 | 3 Canonical, Linux, Oracle | 3 Ubuntu Linux, Linux Kernel, Linux | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
|
fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.
|
|||||
| CVE-2016-0623 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.3 MEDIUM | 4.7 MEDIUM |
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect integrity via vectors related to the Automated Installer sub-component.
|
|||||
| CVE-2015-2597 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
|
|||||
| CVE-2014-4247 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
|
|||||
| CVE-2016-4079 | 3 Debian, Oracle, Wireshark | 3 Debian Linux, Solaris, Wireshark | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
|
epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet.
|
|||||
| CVE-2016-0589 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2014-8964 | 6 Fedoraproject, Mariadb, Opensuse and 3 more | 11 Fedora, Mariadb, Opensuse and 8 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
|
|||||
| CVE-2015-4908 | 1 Oracle | 3 Javafx, Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
|
|||||
| CVE-2015-4899 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2016-5595 | 1 Oracle | 1 Customer Interaction History | 2025-04-12 | 6.4 MEDIUM | 8.2 HIGH |
|
Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5592.
|
|||||
| CVE-2015-2737 | 5 Canonical, Debian, Mozilla and 2 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2025-04-12 | 10.0 HIGH | N/A |
|
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
|
|||||
| CVE-2016-5604 | 1 Oracle | 1 Enterprise Manager Base Platform | 2025-04-12 | 3.3 LOW | 6.3 MEDIUM |
|
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563.
|
|||||
| CVE-2016-5446 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2025-04-12 | 7.5 HIGH | 7.3 HIGH |
|
Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure.
|
|||||
| CVE-2016-5263 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
|
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
|
|||||
| CVE-2015-4924 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect integrity via vectors related to Security.
|
|||||
| CVE-2016-5474 | 1 Oracle | 1 Retail Service Backbone | 2025-04-12 | 9.0 HIGH | 8.8 HIGH |
|
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel.
|
|||||
| CVE-2016-5558 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 7.5 HIGH | 8.6 HIGH |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5574, CVE-2016-5577, CVE-2016-5578, CVE-2016-5579, and CVE-2016-5588.
|
|||||
| CVE-2016-3494 | 1 Oracle | 1 Enterprise Manager Ops Center | 2025-04-12 | 6.1 MEDIUM | 6.5 MEDIUM |
|
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning.
|
|||||
| CVE-2015-2634 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
|
|||||
| CVE-2015-4860 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
|
|||||
| CVE-2015-2189 | 5 Debian, Mageia, Opensuse and 2 more | 6 Debian Linux, Mageia, Opensuse and 3 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
|
|||||
| CVE-2014-4242 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console.
|
|||||
| CVE-2015-1926 | 1 Oracle | 2 E-business Suite, Fusion Middleware | 2025-04-12 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.
|
|||||
| CVE-2016-3558 | 1 Oracle | 1 Email Center | 2025-04-12 | 4.3 MEDIUM | 4.7 MEDIUM |
|
Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Email Center Agent Console, a different vulnerability than CVE-2016-3559.
|
|||||
| CVE-2016-0683 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 4.0 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to Search Framework.
|
|||||
| CVE-2014-0462 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Openjdk | 2025-04-12 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405.
|
|||||
| CVE-2016-4962 | 2 Oracle, Xen | 2 Vm Server, Xen | 2025-04-12 | 6.8 MEDIUM | 6.7 MEDIUM |
|
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore.
|
|||||
| CVE-2016-5436 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.
|
|||||
| CVE-2016-1966 | 3 Mozilla, Opensuse, Oracle | 4 Firefox, Thunderbird, Opensuse and 1 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
|
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
|
|||||
| CVE-2016-3570 | 1 Oracle | 1 Primavera P6 Enterprise Project Portfolio Management | 2025-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
|
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3569, CVE-2016-3571, and CVE-2016-3573.
|
|||||
| CVE-2015-6249 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2025-04-12 | 4.3 MEDIUM | N/A |
|
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
|||||
| CVE-2014-2478 | 1 Oracle | 1 Database Server | 2025-04-12 | 2.6 LOW | N/A |
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2015-4926 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 2.6 LOW | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect integrity via vectors related to UIX.
|
|||||
| CVE-2016-5463 | 1 Oracle | 1 Siebel Ui Framework | 2025-04-12 | 3.5 LOW | 4.1 MEDIUM |
|
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5464.
|
|||||
| CVE-2014-4236 | 1 Oracle | 1 Database Server | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2016-0448 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
|
|||||
| CVE-2014-2418 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2416, and CVE-2014-2417.
|
|||||
| CVE-2015-4840 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
|
|||||
| CVE-2016-5441 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.
|
|||||
| CVE-2014-4215 | 2 Oracle, Sun | 2 Sunos, Sunos | 2025-04-12 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2013-5862.
|
|||||