Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Total 10091 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2453 2 Oracle, Sun 4 Jdk, Jre, Jdk and 1 more 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
CVE-2013-5770 1 Oracle 1 Mysql 2025-04-11 2.1 LOW N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
CVE-2013-5888 1 Oracle 2 Jdk, Jre 2025-04-11 4.6 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
CVE-2011-0854 1 Oracle 1 Peoplesoft Enterprise Hrms 2025-04-11 5.5 MEDIUM N/A
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance.
CVE-2011-0836 1 Oracle 6 Enterpriseone Tools, Jd Edwards Enterpriseone, Jd Edwards Enterpriseone Ep and 3 more 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
CVE-2013-5619 6 Canonical, Fedoraproject, Mozilla and 3 more 9 Ubuntu Linux, Fedora, Firefox and 6 more 2025-04-11 7.5 HIGH N/A
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2013-5808 1 Oracle 1 Fusion Middleware 2025-04-11 2.6 LOW N/A
Unspecified vulnerability in the Oracle iPlanet Web Proxy Server component in Oracle Fusion Middleware 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Administration.
CVE-2014-0398 1 Oracle 1 E-business Suite 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Discoverer.
CVE-2013-5794 1 Oracle 1 Peoplesoft Products 2025-04-11 5.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5841.
CVE-2013-4590 3 Apache, Debian, Oracle 3 Tomcat, Debian Linux, Solaris 2025-04-11 4.3 MEDIUM N/A
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2012-1727 1 Oracle 1 E-business Suite 2025-04-11 3.5 LOW N/A
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository.
CVE-2012-1677 1 Oracle 1 Fusion Middleware 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors.
CVE-2012-0498 2 Oracle, Sun 2 Jre, Jre 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CVE-2012-3134 1 Oracle 1 Database Server 2025-04-11 4.0 MEDIUM N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors.
CVE-2012-3161 1 Oracle 1 Supply Chain Products Suite 2025-04-11 4.3 MEDIUM N/A
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1.1 allows remote attackers to affect integrity via unknown vectors related to Web Client (CS).
CVE-2013-0362 1 Oracle 1 Database Mobile\/lite Server 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2013-0363 and CVE-2013-0364.
CVE-2013-1488 1 Oracle 2 Jdk, Jre 2025-04-11 10.0 HIGH N/A
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.
CVE-2013-5875 1 Oracle 1 Sunos 2025-04-11 2.7 LOW N/A
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity and availability via vectors related to Role Based Access Control (RBAC).
CVE-2012-1740 1 Oracle 1 Application Express Listener 2025-04-11 7.8 HIGH N/A
Unspecified vulnerability in the Oracle Application Express Listener component in Oracle Application Express Listener 1.1-ea, 1.1.1, 1.1.2, and 1.1.3 allows remote attackers to affect confidentiality via unknown vectors.
CVE-2013-5785 1 Oracle 1 Fusion Middleware 2025-04-11 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication.