Filtered by vendor Oracle
Subscribe
Total
10091 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0589 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2014-2412 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451. | |||||
| CVE-2016-0461 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2015-2628 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. | |||||
| CVE-2015-4785 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790. | |||||
| CVE-2016-3466 | 1 Oracle | 1 Field Service | 2025-04-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless. | |||||
| CVE-2016-3440 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 7.7 HIGH |
| Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-0636 | 2 Oracle, Redhat | 7 Jdk, Jre, Enterprise Linux Desktop and 4 more | 2025-04-12 | 9.3 HIGH | 8.1 HIGH |
| Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component. | |||||
| CVE-2015-1283 | 8 Canonical, Debian, Google and 5 more | 13 Ubuntu Linux, Debian Linux, Chrome and 10 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. | |||||
| CVE-2016-3461 | 1 Oracle | 1 Mysql Enterprise Monitor | 2025-04-12 | 4.3 MEDIUM | 7.2 HIGH |
| Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server. | |||||
| CVE-2014-4203 | 1 Oracle | 1 Hyperion | 2025-04-12 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Property Editing. | |||||
| CVE-2016-3522 | 1 Oracle | 1 Web Applications Desktop Integrator | 2025-04-12 | 8.5 HIGH | 8.2 HIGH |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service. | |||||
| CVE-2014-8145 | 3 Debian, Oracle, Sound Exchange Project | 3 Debian Linux, Solaris, Sound Exchange | 2025-04-12 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function. | |||||
| CVE-2015-4836 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2025-04-12 | 2.8 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. | |||||
| CVE-2016-3460 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Eperformance | 2025-04-12 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to ePerformance. | |||||
| CVE-2014-6571 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2011-1944. | |||||
| CVE-2015-4491 | 8 Canonical, Fedoraproject, Gnome and 5 more | 8 Ubuntu Linux, Fedora, Gdk-pixbuf and 5 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | |||||
| CVE-2016-0697 | 1 Oracle | 1 Application Object Library | 2025-04-12 | 3.6 LOW | 6.0 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2016-5403 | 5 Canonical, Debian, Oracle and 2 more | 13 Ubuntu Linux, Debian Linux, Linux and 10 more | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion. | |||||
| CVE-2016-5425 | 3 Apache, Oracle, Redhat | 9 Tomcat, Instantis Enterprisetrack, Linux and 6 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group. | |||||