Filtered by vendor Oracle
Subscribe
Total
10091 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5493 | 1 Oracle | 1 Flexcube Private Banking | 2025-04-12 | 4.9 MEDIUM | 4.2 MEDIUM |
| Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2016-0594 | 2 Opensuse, Oracle | 3 Leap, Opensuse, Mysql | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
| CVE-2016-5544 | 1 Oracle | 1 Solaris | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86. | |||||
| CVE-2016-3471 | 3 Mariadb, Oracle, Redhat | 3 Mariadb, Mysql, Enterprise Linux | 2025-04-12 | 6.2 MEDIUM | 7.5 HIGH |
| Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option. | |||||
| CVE-2015-0503 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. | |||||
| CVE-2016-3579 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 9.0 HIGH | 8.6 HIGH |
| Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, and CVE-2016-3596. | |||||
| CVE-2015-6249 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2025-04-12 | 4.3 MEDIUM | N/A |
| The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2015-3200 | 3 Hp, Lighttpd, Oracle | 3 Virtual Customer Access System, Lighttpd, Solaris | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character. | |||||
| CVE-2015-2808 | 9 Canonical, Debian, Fujitsu and 6 more | 99 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 96 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. | |||||
| CVE-2015-4912 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine. | |||||
| CVE-2016-0679 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 5.5 MEDIUM | 8.7 HIGH |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect integrity and availability via vectors related to PIA Grids. | |||||
| CVE-2015-1793 | 2 Openssl, Oracle | 4 Openssl, Jd Edwards Enterpriseone Tools, Opus 10g Ethernet Switch Family and 1 more | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate. | |||||
| CVE-2016-0568 | 1 Oracle | 1 Email Center | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Server Components. | |||||
| CVE-2014-0450 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection. | |||||
| CVE-2016-1961 | 4 Mozilla, Opensuse, Oracle and 1 more | 6 Firefox, Thunderbird, Leap and 3 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | |||||
| CVE-2016-5445 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2025-04-12 | 7.5 HIGH | 8.3 HIGH |
| Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2014-6564 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML. | |||||
| CVE-2014-6550 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to iHelp. | |||||
| CVE-2016-0421 | 1 Oracle | 1 Jd Edwards Products | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Monitoring and Diagnostics SEC. | |||||
| CVE-2015-4484 | 4 Canonical, Mozilla, Opensuse and 1 more | 4 Ubuntu Linux, Firefox, Opensuse and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object. | |||||