Filtered by vendor Oracle
Subscribe
Search
Total
3509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6629 | 3 Artifex, Google, Oracle | 3 Gpl Ghostscript, Chrome, Solaris | 2018-01-05 | 5.0 MEDIUM | N/A |
| The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
| CVE-2012-3116 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-22 | 1.9 LOW | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2012-3117 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to HTTP. | |||||
| CVE-2012-3118 | 1 Oracle | 1 Peoplesoft Products | 2017-12-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect confidentiality, related to PANPROC. | |||||
| CVE-2012-3119 | 1 Oracle | 1 Peoplesoft Products | 2017-12-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway. | |||||
| CVE-2000-0987 | 1 Oracle | 2 Internet Directory, Oracle8i | 2017-12-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | |||||
| CVE-2000-0986 | 1 Oracle | 1 Oracle8i | 2017-12-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable. | |||||
| CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2017-12-19 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2002-0559 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name. | |||||
| CVE-2002-0102 | 1 Oracle | 1 Application Server Web Cache | 2017-12-19 | 5.0 MEDIUM | N/A |
| Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters. | |||||
| CVE-1999-1256 | 1 Oracle | 1 Database Assistant | 2017-12-19 | 4.6 MEDIUM | N/A |
| Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | |||||
| CVE-2002-0565 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2017-12-19 | 5.0 MEDIUM | N/A |
| Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to _pages. | |||||
| CVE-2012-1695 | 2 Oracle, Sun | 3 Fusion Middleware, Jdk, Jre | 2017-12-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2012-0559 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Billing. | |||||
| CVE-2012-0531 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect integrity via unknown vectors related to Enterprise Portal. | |||||
| CVE-2012-0530 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect integrity via unknown vectors related to eProcurement. | |||||
| CVE-2012-0522 | 1 Oracle | 1 Fusion Middleware | 2017-12-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Java Business Objects. | |||||
| CVE-2012-0516 | 1 Oracle | 1 Sun Products Suite | 2017-12-13 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console. | |||||
| CVE-2012-0533 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FCSM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Receivables. | |||||
| CVE-2015-4020 | 2 Oracle, Rubygems | 2 Solaris, Rubygems | 2017-12-09 | 4.3 MEDIUM | N/A |
| RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900. | |||||
| CVE-2012-0562 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than CVE-2012-1748. | |||||
| CVE-2012-0564 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50 and 8.51 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Query. | |||||
| CVE-2012-0561 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to PIA Core Technology. | |||||
| CVE-2012-0560 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal. | |||||
| CVE-2012-0554 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0555, CVE-2012-0556, and CVE-2012-0557. | |||||
| CVE-2012-0555 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0556, and CVE-2012-0557. | |||||
| CVE-2012-0556 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555, and CVE-2012-0557. | |||||
| CVE-2012-0549 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API. | |||||
| CVE-2012-0550 | 1 Oracle | 1 Glassfish Server | 2017-12-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container. | |||||
| CVE-2012-0557 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555, and CVE-2012-0556. | |||||
| CVE-2012-0548 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2017-12-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 and earlier allows local users to affect confidentiality, related to XSCF Control Package (XCP). | |||||
| CVE-2012-0558 | 1 Oracle | 1 Primavera Products Suite | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 6.2.1, 8.0, 8.1, and 8.2 allows remote attackers to affect integrity via unknown vectors related to Web application. | |||||
| CVE-2012-0532 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Config Management. | |||||
| CVE-2012-0529 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51 allows remote authenticated users to affect integrity via unknown vectors related to core. | |||||
| CVE-2012-0521 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 Bundle #9 allows remote authenticated users to affect confidentiality via unknown vectors related to Human Resources. | |||||
| CVE-2012-0524 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.2 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows local users to affect confidentiality and integrity via unknown vectors related to File Processing. | |||||
| CVE-2012-0542 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Runtime Catalog. | |||||
| CVE-2012-0515 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Identity Manager Connector component in Oracle Fusion Middleware 9.1.0.4 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2012-0514 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality, related to SEC. | |||||
| CVE-2012-0517 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to eCompensation Manager Desktop. | |||||
| CVE-2012-0543 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 10.1.3.4.1 and 10.1.3.4.2 allows remote attackers to affect integrity via unknown vectors related to Administration. | |||||
| CVE-2012-0513 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity, related to REST Services. | |||||
| CVE-2012-0580 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Supplier Portal. | |||||
| CVE-2012-1709 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1710. | |||||
| CVE-2012-1710 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709. | |||||
| CVE-2012-1693 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 allows remote attackers to affect availability, related to XSCF Control Package (XCP). | |||||
| CVE-2012-0582 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-1674. | |||||
| CVE-2012-1674 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-0582. | |||||
| CVE-2012-0537 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity, related to HTML pages. | |||||