Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2415 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "processing of MTOM attachments" and the creation of temporary files with weak permissions.
|
|||||
| CVE-2010-3599 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 9.4 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity and availability via unknown vectors related to Import Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from the original researcher that remote attackers can overwrite arbitrary files and execute arbitrary code via a full pathname in the first argument to the WriteJPG me ...
Show More |
|||||
| CVE-2011-2308 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Online Help.
|
|||||
| CVE-2012-0548 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2025-04-11 | 2.1 LOW | N/A |
|
Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 and earlier allows local users to affect confidentiality, related to XSCF Control Package (XCP).
|
|||||
| CVE-2013-3796 | 1 Oracle | 1 Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
|
|||||
| CVE-2010-3839 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
|
|||||
| CVE-2012-5091 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal.
|
|||||
| CVE-2011-2262 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
|
|||||
| CVE-2012-0558 | 1 Oracle | 1 Primavera Products Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 6.2.1, 8.0, 8.1, and 8.2 allows remote attackers to affect integrity via unknown vectors related to Web application.
|
|||||
| CVE-2013-5805 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
|
|||||
| CVE-2013-5846 | 1 Oracle | 3 Javafx, Jdk, Jre | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
|
|||||
| CVE-2010-2380 | 1 Oracle | 1 Peoplesoft And Jdedwards Suite Scm | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft and JDEdwards Suite SCM 8.9 Bundle #37, SCM 9.0 Bundle #30, and SCM 9.1 Bundle #4 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2010-3517 | 1 Oracle | 2 Opensolaris, Solaris | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to Kernel/X86.
|
|||||
| CVE-2012-0756 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755.
|
|||||
| CVE-2010-3681 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
|
|||||
| CVE-2011-3510 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security.
|
|||||
| CVE-2013-5793 | 1 Oracle | 1 Mysql | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.
|
|||||
| CVE-2011-3532 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal.
|
|||||
| CVE-2013-1533 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 3.1.0, 5.1.0, 5.2.0, 5.3.1 through 5.3.3, and 6.0.1 through 12.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to BASE.
|
|||||
| CVE-2013-4786 | 2 Intel, Oracle | 2 Intelligent Platform Management Interface, Fujitsu M10 Firmware | 2025-04-11 | 7.8 HIGH | 7.5 HIGH |
|
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
|
|||||
| CVE-2013-0362 | 1 Oracle | 1 Database Mobile\/lite Server | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2013-0363 and CVE-2013-0364.
|
|||||
| CVE-2013-1475 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectS ...
Show More |
|||||
| CVE-2012-0876 | 6 Canonical, Debian, Libexpat Project and 3 more | 11 Ubuntu Linux, Debian Linux, Libexpat and 8 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
|
|||||
| CVE-2012-1686 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.6 and other versions allows remote attackers to affect integrity via unknown vectors related to Installation.
|
|||||
| CVE-2011-3530 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality via unknown vectors related to eDevelopment.
|
|||||
| CVE-2010-4007 | 1 Oracle | 1 Mojarra | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057.
|
|||||
| CVE-2011-2280 | 1 Oracle | 2 Peoplesoft Enterprise Peopletools, Peoplesoft Products | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2011-2274.
|
|||||
| CVE-2012-1685 | 1 Oracle | 1 Virtualization | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core.
|
|||||
| CVE-2010-4506 | 1 Oracle | 1 Passlogix V-go Self-service Password Reset And Oem | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A allows physically proximate attackers to execute arbitrary programs without authentication by triggering use of an invalid SSL certificate and using the Internet Explorer interface to navigate through the filesystem via a "Save As" dialog that is reachable from the "Certificate Export" wizard.
|
|||||
| CVE-2012-5615 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
|
|||||
| CVE-2013-5904 | 3 Hp, Oracle, Redhat | 10 Hp-ux, Jdk, Jre and 7 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2011-3511 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
|
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account.
|
|||||
| CVE-2013-1539 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 3.1.0, 5.0.2 through 5.0.5, and 5.3.0 through 5.3.4 allows remote authenticated users to affect confidentiality via vectors related to CTF.
|
|||||
| CVE-2010-4434 | 1 Oracle | 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.0 through 8.50.14 and 8.51.0 through 8.51.04 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal.
|
|||||
| CVE-2013-1511 | 2 Mariadb, Oracle | 3 Mariadb, Mysql, Solaris | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
|
|||||
| CVE-2013-2401 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Portal.
|
|||||
| CVE-2013-0361 | 1 Oracle | 2 Database Lite, Database Mobile\/lite Server | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0366.
|
|||||
| CVE-2013-5897 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache.
|
|||||
| CVE-2013-3812 | 6 Canonical, Debian, Mariadb and 3 more | 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
|
|||||
| CVE-2013-5874 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 1.7 LOW | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging.
|
|||||