Filtered by vendor Oracle
Subscribe
Total
10030 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6488 | 1 Oracle | 2 Enterprise Manager Database Control, Enterprise Manager Grid Control | 2025-04-12 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management. | |||||
| CVE-2016-5578 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 7.5 HIGH | 8.6 HIGH |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558, CVE-2016-5574, CVE-2016-5577, CVE-2016-5579, and CVE-2016-5588. | |||||
| CVE-2014-2489 | 1 Oracle | 1 Vm Virtualbox | 2025-04-12 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core. | |||||
| CVE-2015-0363 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services. | |||||
| CVE-2016-5418 | 3 Libarchive, Oracle, Redhat | 10 Libarchive, Linux, Enterprise Linux Desktop and 7 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. | |||||
| CVE-2014-4250 | 1 Oracle | 1 Siebel Crm | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Siebel Core - Server OM Frwks component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Object Manager. | |||||
| CVE-2016-0423 | 1 Oracle | 1 Jd Edwards Products | 2025-04-12 | 7.3 HIGH | N/A |
| Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Enterprise Infrastructure SEC. | |||||
| CVE-2015-2726 | 3 Mozilla, Novell, Oracle | 5 Firefox, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 2 more | 2025-04-12 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2014-8991 | 2 Oracle, Pypa | 2 Solaris, Pip | 2025-04-12 | 2.1 LOW | N/A |
| pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. | |||||
| CVE-2016-0413 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support. | |||||
| CVE-2014-4291 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, CVE-2014-6547, and CVE-2014-6477. | |||||
| CVE-2014-2409 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment. | |||||
| CVE-2015-4790 | 1 Oracle | 1 Berkeley Db | 2025-04-12 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, and CVE-2015-4789. | |||||
| CVE-2015-3330 | 4 Apple, Oracle, Php and 1 more | 11 Mac Os X, Linux, Solaris and 8 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via pipelined HTTP requests that result in a "deconfigured interpreter." | |||||
| CVE-2015-0405 | 2 Novell, Oracle | 4 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit and 1 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. | |||||
| CVE-2015-2721 | 5 Canonical, Debian, Mozilla and 2 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue. | |||||
| CVE-2014-4245 | 1 Oracle | 1 Database Server | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2015-0828 | 3 Mozilla, Opensuse, Oracle | 3 Firefox, Opensuse, Solaris | 2025-04-12 | 6.8 MEDIUM | N/A |
| Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data. | |||||
| CVE-2016-3532 | 1 Oracle | 1 Advanced Inbound Telephony | 2025-04-12 | 7.8 HIGH | 8.2 HIGH |
| Unspecified vulnerability in the Oracle Advanced Inbound Telephony component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to SDK client integration. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-6474 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED. | |||||