Filtered by vendor Oracle
Subscribe
Total
10030 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-2634 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. | |||||
| CVE-2015-4810 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
| CVE-2014-4241 | 2 Oracle, Vmware | 4 Fusion Middleware, Esxi, Vcenter Server and 1 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services. | |||||
| CVE-2015-4643 | 4 Debian, Oracle, Php and 1 more | 9 Debian Linux, Linux, Php and 6 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022. | |||||
| CVE-2014-4211 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect integrity via unknown vectors related to Portlet Services. | |||||
| CVE-2016-0485 | 1 Oracle | 1 Application Testing Suite | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480, CVE-2016-0481, CVE-2016-0482, and CVE-2016-0486. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the DownloadServlet servlet, which allows remote attackers to read arbitrary files via directory traversal sequences in the reportName parameter. | |||||
| CVE-2015-0407 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | |||||
| CVE-2014-2423 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458. | |||||
| CVE-2016-4448 | 9 Apple, Hp, Mcafee and 6 more | 21 Icloud, Iphone Os, Itunes and 18 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | |||||
| CVE-2014-6270 | 2 Oracle, Squid-cache | 2 Solaris, Squid | 2025-04-12 | 6.8 MEDIUM | N/A |
| Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted UDP SNMP request, which triggers a heap-based buffer overflow. | |||||
| CVE-2015-4877 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 1.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878. | |||||
| CVE-2015-4905 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML. | |||||
| CVE-2015-0497 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal Interaction Hub component in Oracle PeopleSoft Products 9.1.00 allows remote attackers to affect integrity via unknown vectors related to Enterprise Portal. | |||||
| CVE-2016-3570 | 1 Oracle | 1 Primavera P6 Enterprise Project Portfolio Management | 2025-04-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3569, CVE-2016-3571, and CVE-2016-3573. | |||||
| CVE-2015-3219 | 3 Debian, Openstack, Oracle | 3 Debian Linux, Horizon, Solaris | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class. | |||||
| CVE-2015-0401 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 and 11.1.1.7 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console. | |||||
| CVE-2016-5581 | 1 Oracle | 1 Irecruitment | 2025-04-12 | 4.6 MEDIUM | 6.6 MEDIUM |
| Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-0472 | 1 Oracle | 1 Database Server | 2025-04-12 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality and availability via unknown vectors. | |||||
| CVE-2016-3449 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 7.6 HIGH | 8.3 HIGH |
| Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. | |||||
| CVE-2014-1542 | 4 Mozilla, Opensuse, Opensuse Project and 1 more | 4 Firefox, Opensuse, Opensuse and 1 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate. | |||||