Total
311 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3152 | 1 Oracle | 1 Fusion Middleware | 2025-10-22 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that ...
Show More |
|||||
| CVE-2012-1710 | 1 Oracle | 1 Fusion Middleware | 2025-10-22 | 7.5 HIGH | 9.8 CRITICAL |
|
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709.
|
|||||
| CVE-2012-0518 | 1 Oracle | 1 Fusion Middleware | 2025-10-22 | 4.3 MEDIUM | 4.7 MEDIUM |
|
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
|
|||||
| CVE-2019-10219 | 3 Netapp, Oracle, Redhat | 195 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 192 more | 2025-07-07 | 4.3 MEDIUM | 6.1 MEDIUM |
|
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
|
|||||
| CVE-2014-4256 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to WLS - Deployment.
|
|||||
| CVE-2014-4251 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1.
|
|||||
| CVE-2014-4255 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Security and Policy.
|
|||||
| CVE-2014-2426 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.
|
|||||
| CVE-2015-0414 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer.
|
|||||
| CVE-2014-6571 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2011-1944.
|
|||||
| CVE-2014-6534 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect integrity via vectors related to WLS Console.
|
|||||
| CVE-2014-2493 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, and 12.1.2.0.0 allows remote attackers to affect confidentiality and availability via vectors related to ADF Faces.
|
|||||
| CVE-2015-0482 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
|
|||||
| CVE-2014-2404 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate.
|
|||||
| CVE-2015-4838 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote authenticated users to affect confidentiality via vectors related to ADF Faces.
|
|||||
| CVE-2015-0396 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Admin Console.
|
|||||
| CVE-2015-0367 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine.
|
|||||
| CVE-2016-0413 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support.
|
|||||
| CVE-2015-0443 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
|
|||||
| CVE-2014-6552 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console.
|
|||||
| CVE-2016-0432 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 1.9 LOW | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.
|
|||||
| CVE-2015-0399 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 10.1.3.4.2 and 11.1.1.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Analytics Web General.
|
|||||
| CVE-2016-0430 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439.
|
|||||
| CVE-2015-4912 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine.
|
|||||
| CVE-2014-4222 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect confidentiality via vectors related to plugin 1.1.
|
|||||
| CVE-2014-4241 | 2 Oracle, Vmware | 4 Fusion Middleware, Esxi, Vcenter Server and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.
|
|||||
| CVE-2014-6522 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.4, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via vectors related to ADF Faces.
|
|||||
| CVE-2014-6580 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors.
|
|||||
| CVE-2015-4758 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, and CVE-2015-4759.
|
|||||
| CVE-2014-6526 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 allows remote attackers to affect integrity via unknown vectors related to Admin Console.
|
|||||
| CVE-2014-2481 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2480.
|
|||||
| CVE-2014-2425 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2016-0464 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.
|
|||||
| CVE-2014-6499 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to WebLogic Tuxedo Connector.
|
|||||
| CVE-2014-2400 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399.
|
|||||
| CVE-2014-4212 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification.
|
|||||
| CVE-2015-0446 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
|
|||||
| CVE-2015-0389 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592.
|
|||||
| CVE-2015-4751 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
|
|||||
| CVE-2014-0191 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
|
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.
|
|||||