Filtered by vendor Oracle
Subscribe
Total
10091 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0671 | 1 Oracle | 1 Http Server | 2025-04-12 | 2.6 LOW | 3.7 LOW |
| Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module. | |||||
| CVE-2015-4846 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality and integrity via vectors related to SQL Extensions. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is a SQL injection vulnerability, which allows remote authenticated users to execute arbitrary SQL commands via a request involving the afamexts.sql SQL extension. | |||||
| CVE-2014-6572 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to List of Values. | |||||
| CVE-2016-8294 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2015-4869 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2014-2480 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2481. | |||||
| CVE-2014-2406 | 1 Oracle | 1 Database Server | 2025-04-12 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges. | |||||
| CVE-2014-4229 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, and 6.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Data, Domain, and Function Security. | |||||
| CVE-2015-2729 | 2 Mozilla, Oracle | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2015-4753 | 1 Oracle | 1 Database Server | 2025-04-12 | 2.1 LOW | N/A |
| Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2015-0467 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors related to Security. | |||||
| CVE-2014-0447 | 2 Oracle, Sun | 2 Sunos, Sunos | 2025-04-12 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2013-5876. | |||||
| CVE-2016-2381 | 5 Canonical, Debian, Opensuse and 2 more | 10 Ubuntu Linux, Debian Linux, Opensuse and 7 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. | |||||
| CVE-2011-2198 | 3 Gnome, Opensuse, Oracle | 3 Gnome-terminal, Opensuse, Solaris | 2025-04-12 | 3.5 LOW | N/A |
| The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@". | |||||
| CVE-2016-3435 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2025-04-12 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect availability via vectors related to PIA Core Technology. | |||||
| CVE-2016-3475 | 1 Oracle | 1 Knowledge | 2025-04-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console. | |||||
| CVE-2016-0574 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577. | |||||
| CVE-2014-1528 | 7 Canonical, Fedoraproject, Microsoft and 4 more | 8 Ubuntu Linux, Fedora, Windows and 5 more | 2025-04-12 | 10.0 HIGH | N/A |
| The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element. | |||||
| CVE-2016-5533 | 1 Oracle | 1 Primavera P6 Enterprise Project Portfolio Management | 2025-04-12 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.4, 15.x, and 16.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2014-0203 | 2 Linux, Oracle | 2 Linux Kernel, Linux | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call. | |||||