Filtered by vendor Oracle
Subscribe
Search
Total
8935 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3140 | 1 Oracle | 1 Supply Chain Products Suite | 2013-10-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM For Process component in Oracle Supply Chain Products Suite 6.0.0.6.3 and 6.1.0.1.14 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Supply Chain Relationship Management. | |||||
| CVE-2012-3139 | 1 Oracle | 1 E-business Suite | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon (local and SSO). | |||||
| CVE-2012-3138 | 1 Oracle | 1 E-business Suite | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Web interface. | |||||
| CVE-2012-3134 | 1 Oracle | 1 Database Server | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2012-3148 | 1 Oracle | 1 E-business Suite | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity, related to Wireless/WAP upload. | |||||
| CVE-2012-1763 | 1 Oracle | 1 Industry Applications | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Applications 4.6.0 and 4.6.2 allows remote authenticated users to affect confidentiality, related to HTML Surround. | |||||
| CVE-2012-1755 | 1 Oracle | 1 Peoplesoft Products | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 allows remote attackers to affect integrity via vectors related to PeopleBooks - PSOL. | |||||
| CVE-2012-1751 | 1 Oracle | 1 Database Server | 2013-10-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive. | |||||
| CVE-2012-1745 | 1 Oracle | 1 Database Server | 2013-10-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2012-1740 | 1 Oracle | 1 Application Express Listener | 2013-10-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Oracle Application Express Listener component in Oracle Application Express Listener 1.1-ea, 1.1.1, 1.1.2, and 1.1.3 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2012-1747 | 1 Oracle | 1 Database Server | 2013-10-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1746. | |||||
| CVE-2012-1746 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2013-10-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1747. | |||||
| CVE-2012-1701 | 1 Oracle | 1 Siebel Crm | 2013-10-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Highly Interactive Web UI. | |||||
| CVE-2012-1700 | 1 Oracle | 1 Siebel Crm | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel UI Framework. | |||||
| CVE-2012-1680 | 1 Oracle | 1 Siebel Crm | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel Apps - Multi-channel Technologies. | |||||
| CVE-2012-1679 | 1 Oracle | 1 Financial Services Software | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect integrity via unknown vectors related to Core-Base. | |||||
| CVE-2012-1678 | 1 Oracle | 1 Jd Edwards Products | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.98, 9.1, and 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC. | |||||
| CVE-2012-1677 | 1 Oracle | 1 Fusion Middleware | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2012-1676 | 1 Oracle | 1 Financial Services Software | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Virtual Banking. | |||||
| CVE-2012-1706 | 1 Oracle | 1 Financial Services Software | 2013-10-11 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Logging. | |||||
| CVE-2012-0552 | 1 Oracle | 1 Database Server | 2013-10-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2012-0510 | 1 Oracle | 1 Database Server | 2013-10-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7 allows remote attackers to affect integrity and availability via unknown vectors. | |||||
| CVE-2012-0107 | 1 Oracle | 1 Fusion Middleware | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote attackers to affect availability via unknown vectors related to Web. | |||||
| CVE-2012-0511 | 1 Oracle | 1 Database Server | 2013-10-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2012-0528 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2013-10-11 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security Framework. | |||||
| CVE-2012-0512 | 1 Oracle | 1 Database Server | 2013-10-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7 and 11.2.0.2 and Oracle Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Config Management. | |||||
| CVE-2012-0520 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2013-10-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2, and in Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote attackers to affect integrity via unknown vectors related to Security Framework. | |||||
| CVE-2012-0523 | 1 Oracle | 1 Sun Products Suite | 2013-10-11 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to sgepasswd. | |||||
| CVE-2012-0534 | 1 Oracle | 1 Database Server | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session. | |||||
| CVE-2012-0541 | 1 Oracle | 1 Financial Services Software | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Core-My Services. | |||||
| CVE-2012-0106 | 1 Oracle | 1 Fusion Middleware | 2013-10-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web. | |||||
| CVE-2012-0525 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2013-10-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Config Management. | |||||
| CVE-2012-0208 | 1 Oracle | 1 Sun Products Suite | 2013-10-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to qrsh. | |||||
| CVE-2012-0509 | 1 Oracle | 1 Financial Services Software | 2013-10-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2 and 5.3.0 through 5.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Core-Base. | |||||
| CVE-2013-3763 | 1 Oracle | 1 Fusion Middleware | 2013-09-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764. | |||||
| CVE-2013-3764 | 1 Oracle | 1 Fusion Middleware | 2013-08-22 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3763. | |||||
| CVE-2013-3779 | 1 Oracle | 2 Virtualization, Vm Virtualbox | 2013-08-22 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI. | |||||
| CVE-2013-3823 | 1 Oracle | 1 Supply Chain Products Suite | 2013-08-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2013-3747 | 1 Oracle | 1 E-business Suite | 2013-08-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Client System Analyzer. | |||||
| CVE-2007-5509 | 1 Oracle | 1 Database Server | 2013-08-09 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06. | |||||
| CVE-2012-3136 | 1 Oracle | 2 Jdk, Jre | 2013-04-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682. | |||||
| CVE-2012-5383 | 1 Oracle | 1 Mysql | 2013-03-02 | 6.2 MEDIUM | N/A |
| ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation. | |||||
| CVE-2010-0885 | 1 Oracle | 1 Sun Products Suite | 2013-02-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book. | |||||
| CVE-2010-3545 | 1 Oracle | 1 Sun Products Suite | 2013-02-07 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration. | |||||
| CVE-2010-3546 | 1 Oracle | 1 Sun Products Suite | 2013-02-07 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products Suite 8.1 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2010-3544 | 1 Oracle | 1 Sun Products Suite | 2013-02-07 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console. | |||||
| CVE-2010-3579 | 1 Oracle | 1 Sun Products Suite | 2013-02-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. | |||||
| CVE-2010-3535 | 1 Oracle | 1 Sun Products Suite | 2013-02-07 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows. | |||||
| CVE-2013-1490 | 1 Oracle | 2 Jdk, Jre | 2013-02-04 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7 Update 11 (JRE 1.7.0_11-b21) allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors, aka "Issue 51," a different vulnerability than CVE-2013-0431. NOTE: as of 20130130, this vulnerability does not contain any independently-verifiable details, and there is no vendor acknowledgement. A CVE identifier is being assigned because this vulnerability has received significant public attention, and the original researcher has an established history of releasing vulnerability reports that have been fixed by vendors. NOTE: this issue also exists in SE 6, but it cannot be exploited without a separate vulnerability. | |||||
| CVE-2010-2087 | 3 Caucho, Ibm, Oracle | 3 Resin, Websphere Application Server, Mojarra | 2013-01-28 | 4.3 MEDIUM | N/A |
| Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object. | |||||