Filtered by vendor Oracle
Subscribe
Search
Total
2803 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5456 | 1 Oracle | 1 Siebel Core-server Framework | 2017-09-01 | 6.3 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Services. | |||||
| CVE-2016-5455 | 1 Oracle | 1 Communications Messaging Server | 2017-09-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communications Applications 6.3, 7.0, and 8.0 allows remote attackers to affect confidentiality via vectors related to Multiplexor. | |||||
| CVE-2016-5454 | 1 Oracle | 1 Solaris | 2017-09-01 | 5.4 MEDIUM | 6.4 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot. | |||||
| CVE-2016-5452 | 1 Oracle | 1 Solaris | 2017-09-01 | 2.1 LOW | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot. | |||||
| CVE-2016-5450 | 1 Oracle | 1 Siebel Ui Framework | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI. | |||||
| CVE-2016-5448 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2017-09-01 | 6.4 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP. | |||||
| CVE-2016-5442 | 1 Oracle | 1 Mysql | 2017-09-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption. | |||||
| CVE-2016-5441 | 1 Oracle | 1 Mysql | 2017-09-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. | |||||
| CVE-2016-3548 | 1 Oracle | 1 Marketing | 2017-09-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Marketing activity collateral. | |||||
| CVE-2016-5437 | 1 Oracle | 1 Mysql | 2017-09-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log. | |||||
| CVE-2016-3542 | 1 Oracle | 1 Knowledge Management | 2017-09-01 | 8.5 HIGH | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2016-5436 | 1 Oracle | 1 Mysql | 2017-09-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. | |||||
| CVE-2016-3547 | 1 Oracle | 1 One-to-one Fulfillment | 2017-09-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Content Manager. | |||||
| CVE-2016-3545 | 1 Oracle | 1 Application Object Library | 2017-09-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Web based help screens. | |||||
| CVE-2016-3529 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 5.0 MEDIUM | 5.8 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3526 and CVE-2016-3560. | |||||
| CVE-2016-3525 | 1 Oracle | 1 Applications Manager | 2017-09-01 | 5.4 MEDIUM | 5.9 MEDIUM |
| Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality via vectors related to Cookie Management. | |||||
| CVE-2016-3524 | 1 Oracle | 1 E-business Suite | 2017-09-01 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration. | |||||
| CVE-2016-3523 | 1 Oracle | 1 Web Applications Desktop Integrator | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service. | |||||
| CVE-2016-3520 | 1 Oracle | 1 E-business Suite | 2017-09-01 | 6.8 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests. | |||||
| CVE-2016-3519 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PC / Get Shortcut. | |||||
| CVE-2016-3518 | 1 Oracle | 1 Mysql | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-3517 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect integrity via vectors related to PC / Get Shortcut. | |||||
| CVE-2016-3514 | 1 Oracle | 1 Enterprise Communications Broker | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3516. | |||||
| CVE-2016-3513 | 1 Oracle | 1 Communications Operations Monitor | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure. | |||||
| CVE-2016-3509 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.9 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality and integrity via vectors related to File Folders / URL Attachment. | |||||
| CVE-2016-3507 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect integrity via vectors related to WebClient / Admin. | |||||
| CVE-2016-3424 | 1 Oracle | 1 Mysql | 2017-09-01 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-3497 | 1 Oracle | 1 Solaris | 2017-09-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471. | |||||
| CVE-2016-3496 | 1 Oracle | 1 Enterprise Manager For Fusion Middleware | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer. | |||||
| CVE-2016-3494 | 1 Oracle | 1 Enterprise Manager Ops Center | 2017-09-01 | 6.1 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2 allows remote attackers to affect availability via vectors related to OS Provisioning. | |||||
| CVE-2016-3489 | 1 Oracle | 1 Database | 2017-09-01 | 7.2 HIGH | 6.7 MEDIUM |
| Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-3488 | 1 Oracle | 1 Database | 2017-09-01 | 4.9 MEDIUM | 4.4 MEDIUM |
| Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. | |||||
| CVE-2016-3432 | 1 Oracle | 1 Business Intelligence Publisher | 2017-09-01 | 4.9 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Server. | |||||
| CVE-2016-3480 | 1 Oracle | 1 Solaris Cluster | 2017-09-01 | 4.9 MEDIUM | 4.4 MEDIUM |
| Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect confidentiality via vectors related to HA for Postgresql. | |||||
| CVE-2016-3478 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2017-09-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing. | |||||
| CVE-2016-3476 | 1 Oracle | 1 Knowledge | 2017-09-01 | 6.4 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote attackers to affect confidentiality and integrity via vectors related to Information Manager Console. | |||||
| CVE-2016-3475 | 1 Oracle | 1 Knowledge | 2017-09-01 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console. | |||||
| CVE-2016-3472 | 1 Oracle | 1 Siebel Engineering-installer And Deployment | 2017-09-01 | 3.5 LOW | 5.7 MEDIUM |
| Unspecified vulnerability in the Siebel Engineering - Installer and Deployment component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Web Server. | |||||
| CVE-2016-3467 | 1 Oracle | 1 Application Express | 2017-09-01 | 5.0 MEDIUM | 5.8 MEDIUM |
| Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2016-3533 | 1 Oracle | 1 Knowledge Management | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Search. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves multiple open redirect vulnerabilities, which allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2016-5443 | 1 Oracle | 1 Mysql | 2017-09-01 | 1.2 LOW | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection. | |||||
| CVE-2016-3502 | 1 Oracle | 1 Webcenter Sites | 2017-09-01 | 6.0 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 11.1.1.8 and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2017-10084 | 1 Oracle | 1 Flexcube Universal Banking | 2017-08-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Report Generator). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2017-10093 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-08-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2017-6259 | 4 Freebsd, Linux, Nvidia and 1 more | 4 Freebsd, Kernel, Gpu Driver and 1 more | 2017-08-08 | 7.1 HIGH | 6.1 MEDIUM |
| NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect detection and recovery from an invalid state produced by specific user actions may lead to denial of service. | |||||
| CVE-2016-5581 | 1 Oracle | 1 Irecruitment | 2017-07-29 | 4.6 MEDIUM | 6.6 MEDIUM |
| Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2016-5632 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-5631 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2017-07-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. | |||||
| CVE-2016-8295 | 1 Oracle | 1 Peoplesoft Enterprise Human Capital Management Time And Labor | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2016-8294 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2017-07-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||