Filtered by vendor Oracle
Subscribe
Total
10091 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-5519 | 1 Oracle | 1 Glassfish Server | 2025-04-12 | 6.5 MEDIUM | 8.8 HIGH |
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Java Server Faces. | |||||
CVE-2016-0420 | 1 Oracle | 1 Jd Edwards Products | 2025-04-12 | 7.8 HIGH | N/A |
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics. | |||||
CVE-2015-3455 | 3 Fedoraproject, Oracle, Squid-cache | 4 Fedora, Linux, Solaris and 1 more | 2025-04-12 | 2.6 LOW | N/A |
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate. | |||||
CVE-2016-2795 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. | |||||
CVE-2015-0387 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Siebel Core - Server OM Services component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via vectors related to Security - LDAP Security Adapter. | |||||
CVE-2016-4556 | 3 Canonical, Oracle, Squid-cache | 3 Ubuntu Linux, Linux, Squid | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response. | |||||
CVE-2014-6458 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
CVE-2016-0508 | 1 Oracle | 1 Ilearning | 2025-04-12 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. | |||||
CVE-2016-5624 | 3 Mariadb, Oracle, Redhat | 8 Mariadb, Mysql, Enterprise Linux Desktop and 5 more | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
CVE-2014-4253 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WebLogic Server JVM. | |||||
CVE-2015-4886 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Reports Security. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, or conduct SMB Relay attacks via a crafted DTD in an XML request involving the OA_HTML/copxml servlet. | |||||
CVE-2015-0492 | 3 Opensuse, Oracle, Suse | 5 Opensuse, Javafx, Jdk and 2 more | 2025-04-12 | 9.3 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484. | |||||
CVE-2014-6538 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-4295, and CVE-2014-6563. | |||||
CVE-2016-8281 | 1 Oracle | 1 Platform Security For Java | 2025-04-12 | 6.5 MEDIUM | 7.6 HIGH |
Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-5536. | |||||
CVE-2014-2401 | 3 Ibm, Microsoft, Oracle | 5 Forms Viewer, Windows, Javafx and 2 more | 2025-04-12 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | |||||
CVE-2016-0404 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin. | |||||
CVE-2016-5357 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | |||||
CVE-2016-3584 | 1 Oracle | 1 Solaris | 2025-04-12 | 4.4 MEDIUM | 7.0 HIGH |
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Libadimalloc. | |||||
CVE-2014-6494 | 4 Juniper, Mariadb, Oracle and 1 more | 8 Junos Space, Mariadb, Mysql and 5 more | 2025-04-12 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. | |||||
CVE-2016-5609 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML. |