Filtered by vendor Oracle
Subscribe
Search
Total
8935 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0559 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Billing. | |||||
| CVE-2012-0533 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FCSM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Receivables. | |||||
| CVE-2012-0531 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect integrity via unknown vectors related to Enterprise Portal. | |||||
| CVE-2012-0522 | 1 Oracle | 1 Fusion Middleware | 2017-12-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Java Business Objects. | |||||
| CVE-2012-0516 | 1 Oracle | 1 Sun Products Suite | 2017-12-13 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console. | |||||
| CVE-2015-4020 | 2 Oracle, Rubygems | 2 Solaris, Rubygems | 2017-12-09 | 4.3 MEDIUM | N/A |
| RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900. | |||||
| CVE-2017-3251 | 1 Oracle | 1 Mysql | 2017-12-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts). | |||||
| CVE-2017-3319 | 1 Oracle | 1 Mysql | 2017-12-08 | 3.5 LOW | 3.1 LOW |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts). | |||||
| CVE-2017-3256 | 1 Oracle | 1 Mysql | 2017-12-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). | |||||
| CVE-2012-0515 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Identity Manager Connector component in Oracle Fusion Middleware 9.1.0.4 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2012-0514 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality, related to SEC. | |||||
| CVE-2012-0513 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity, related to REST Services. | |||||
| CVE-2012-0521 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 Bundle #9 allows remote authenticated users to affect confidentiality via unknown vectors related to Human Resources. | |||||
| CVE-2012-0524 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.2 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows local users to affect confidentiality and integrity via unknown vectors related to File Processing. | |||||
| CVE-2012-0529 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51 allows remote authenticated users to affect integrity via unknown vectors related to core. | |||||
| CVE-2012-0532 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Config Management. | |||||
| CVE-2012-0535 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Change Password Page. | |||||
| CVE-2012-0536 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 through Bundle #26 allows remote authenticated users to affect confidentiality via unknown vectors related to eCompensation. | |||||
| CVE-2012-0517 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to eCompensation Manager Desktop. | |||||
| CVE-2012-0537 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity, related to HTML pages. | |||||
| CVE-2012-0538 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Search. | |||||
| CVE-2012-0542 | 1 Oracle | 1 E-business Suite | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Runtime Catalog. | |||||
| CVE-2012-0543 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 10.1.3.4.1 and 10.1.3.4.2 allows remote attackers to affect integrity via unknown vectors related to Administration. | |||||
| CVE-2012-0548 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2017-12-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 and earlier allows local users to affect confidentiality, related to XSCF Control Package (XCP). | |||||
| CVE-2012-0549 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API. | |||||
| CVE-2012-0550 | 1 Oracle | 1 Glassfish Server | 2017-12-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web Container. | |||||
| CVE-2012-0554 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0555, CVE-2012-0556, and CVE-2012-0557. | |||||
| CVE-2012-0555 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0556, and CVE-2012-0557. | |||||
| CVE-2012-0556 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555, and CVE-2012-0557. | |||||
| CVE-2012-0557 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555, and CVE-2012-0556. | |||||
| CVE-2012-0558 | 1 Oracle | 1 Primavera Products Suite | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 6.2.1, 8.0, 8.1, and 8.2 allows remote attackers to affect integrity via unknown vectors related to Web application. | |||||
| CVE-2012-0560 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal. | |||||
| CVE-2012-0561 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to PIA Core Technology. | |||||
| CVE-2012-0562 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than CVE-2012-1748. | |||||
| CVE-2012-0564 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50 and 8.51 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Query. | |||||
| CVE-2012-0580 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Supplier Portal. | |||||
| CVE-2012-0582 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-1674. | |||||
| CVE-2012-1674 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-0582. | |||||
| CVE-2012-1693 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 allows remote attackers to affect availability, related to XSCF Control Package (XCP). | |||||
| CVE-2012-1709 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1710. | |||||
| CVE-2012-1710 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709. | |||||
| CVE-2016-2334 | 3 7-zip, Fedoraproject, Oracle | 3 7-zip, Fedora, Solaris | 2017-12-03 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. | |||||
| CVE-2012-3135 | 1 Oracle | 1 Fusion Middleware | 2017-12-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and before, and 27.7.2 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2017-10266 | 1 Oracle | 1 Tuxedo | 2017-11-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Tuxedo accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2017-10267 | 1 Oracle | 1 Tuxedo | 2017-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2015-3197 | 2 Openssl, Oracle | 6 Openssl, Exalogic Infrastructure, Oss Support Tools and 3 more | 2017-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. | |||||
| CVE-2013-3744 | 1 Oracle | 2 Jdk, Jre | 2017-11-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400. | |||||
| CVE-2013-3754 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2017-11-18 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to HA for TimesTen. | |||||
| CVE-2013-3746 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2017-11-18 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.2, 3.3, and 4 prior to 4.1 SRU 3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Cluster Infrastructure. | |||||
| CVE-2017-10342 | 1 Oracle | 1 Java Advanced Management Console | 2017-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java Advanced Management Console. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java Advanced Management Console. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||