Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5569 | 1 Oracle | 1 Flexcube Enterprise Limits And Collateral Management | 2025-04-12 | 5.5 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component in Oracle Financial Services Applications 12.0.0 and 12.1.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2014-6544 | 1 Oracle | 1 Database Server | 2025-04-12 | 3.6 LOW | N/A |
|
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-4289.
|
|||||
| CVE-2016-5531 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
|
|||||
| CVE-2016-0656 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | 5.5 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.
|
|||||
| CVE-2016-0401 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429.
|
|||||
| CVE-2016-0585 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via vectors related to ICX Error.
|
|||||
| CVE-2016-2047 | 6 Canonical, Debian, Mariadb and 3 more | 7 Ubuntu Linux, Debian Linux, Mariadb and 4 more | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
|
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as d ...
Show More |
|||||
| CVE-2016-5503 | 1 Oracle | 1 Sun Zfs Storage Appliance Kit | 2025-04-12 | 4.6 MEDIUM | 8.2 HIGH |
|
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality, integrity, and availability via vectors related to Core Services.
|
|||||
| CVE-2014-2436 | 3 Mariadb, Oracle, Redhat | 9 Mariadb, Mysql, Solaris and 6 more | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
|
|||||
| CVE-2015-2611 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.
|
|||||
| CVE-2014-1563 | 3 Mozilla, Opensuse, Oracle | 5 Firefox, Thunderbird, Evergreen and 2 more | 2025-04-12 | 10.0 HIGH | N/A |
|
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
|
|||||
| CVE-2016-3606 | 1 Oracle | 3 Jdk, Jre, Linux | 2025-04-12 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
|
|||||
| CVE-2014-3707 | 6 Apple, Canonical, Debian and 3 more | 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more | 2025-04-12 | 4.3 MEDIUM | N/A |
|
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out-of-bounds read that allows remote web servers to read sensitive memory information.
|
|||||
| CVE-2016-3515 | 1 Oracle | 1 Enterprise Communications Broker | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
|
Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2016-0521 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection.
|
|||||
| CVE-2015-2606 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745.
|
|||||
| CVE-2015-3900 | 4 Oracle, Redhat, Ruby-lang and 1 more | 4 Solaris, Enterprise Linux, Ruby and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
|
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
|
|||||
| CVE-2015-2661 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 2.1 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
|
|||||
| CVE-2014-2402 | 2 Canonical, Oracle | 3 Ubuntu Linux, Jdk, Jre | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455.
|
|||||
| CVE-2016-5454 | 1 Oracle | 1 Solaris | 2025-04-12 | 5.4 MEDIUM | 6.4 MEDIUM |
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot.
|
|||||
| CVE-2015-4736 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2016-0586 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to iHelp.
|
|||||
| CVE-2014-2411 | 1 Oracle | 2 Identity Analytics, Sun Role Manager | 2025-04-12 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Identity Analytics component in Oracle Fusion Middleware Oracle Identity Analytics 11.1.1.5 and Sun Role Manager 5.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security.
|
|||||
| CVE-2016-5440 | 6 Canonical, Debian, Ibm and 3 more | 12 Ubuntu Linux, Debian Linux, Powerkvm and 9 more | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
|
|||||
| CVE-2014-4253 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WebLogic Server JVM.
|
|||||
| CVE-2014-6498 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote attackers to affect confidentiality via unknown vectors related to Security.
|
|||||
| CVE-2016-0571 | 1 Oracle | 1 Balanced Scorecard | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Balanced Scorecard component in Oracle E-Business Suite 11.5.10.2 and 12.1 allows remote attackers to affect confidentiality via unknown vectors.
|
|||||
| CVE-2015-0447 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via vectors related to Configurator DMZ rules.
|
|||||
| CVE-2014-2428 | 3 Ibm, Microsoft, Oracle | 4 Forms Viewer, Windows, Jdk and 1 more | 2025-04-12 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2015-4904 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
|
|||||
| CVE-2016-0453 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 1.8 LOW | N/A |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.
|
|||||
| CVE-2016-4957 | 5 Novell, Ntp, Opensuse and 2 more | 9 Suse Manager, Ntp, Leap and 6 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
|
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
|
|||||
| CVE-2015-4842 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
|
|||||
| CVE-2015-4891 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD.
|
|||||
| CVE-2016-3458 | 1 Oracle | 3 Jdk, Jre, Linux | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
|
|||||
| CVE-2015-4742 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.
|
|||||
| CVE-2014-6472 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6539.
|
|||||
| CVE-2016-3584 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.4 MEDIUM | 7.0 HIGH |
|
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc.
|
|||||
| CVE-2016-5621 | 1 Oracle | 1 Flexcube Universal Banking | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603.
|
|||||
| CVE-2015-4772 | 2 Canonical, Oracle | 2 Ubuntu Linux, Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.
|
|||||