Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6577 | 1 Oracle | 1 Database Server | 2016-11-28 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial of service via a crafted (1) http: or (2) ftp: URI. | |||||
| CVE-2014-6567 | 1 Oracle | 1 Database Server | 2016-11-28 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command. | |||||
| CVE-2014-2468 | 1 Oracle | 1 Siebel Crm | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Open_UI, a different vulnerability than CVE-2014-4230. | |||||
| CVE-2013-2404 | 1 Oracle | 1 Peoplesoft Products | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-3818. | |||||
| CVE-2013-5794 | 1 Oracle | 1 Peoplesoft Products | 2016-11-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5841. | |||||
| CVE-2013-5841 | 1 Oracle | 1 Peoplesoft Products | 2016-11-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5794. | |||||
| CVE-2013-4701 | 1 Janrain | 1 Php-openid | 2016-11-28 | 7.5 HIGH | N/A |
| Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2012-3175 | 1 Oracle | 1 Fusion Middleware | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-0518. | |||||
| CVE-2013-1438 | 1 Dave Coffin | 1 Dcraw | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference. | |||||
| CVE-2008-2604 | 1 Oracle | 2 Authentication Component, Database Server | 2016-11-28 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2605. | |||||
| CVE-2011-2237 | 1 Oracle | 1 Fusion Middleware | 2016-11-28 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 10.1.3.5.0 and 10.1.3.5.1 allows remote authenticated users to affect integrity, related to WSM Console, a different vulnerability than CVE-2011-3523. | |||||
| CVE-2010-2409 | 1 Oracle | 1 Fusion Middleware | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2410. | |||||
| CVE-2011-0819 | 1 Oracle | 6 Enterpriseone Tools, Jd Edwards Enterpriseone, Jd Edwards Enterpriseone Ep and 3 more | 2016-11-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0823. | |||||
| CVE-2008-2605 | 1 Oracle | 2 Authentication Component, Database Server | 2016-11-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2604. | |||||
| CVE-2010-2410 | 1 Oracle | 1 Fusion Middleware | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2395 and CVE-2010-2409. | |||||
| CVE-2010-2395 | 1 Oracle | 1 Fusion Middleware | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-2409 and CVE-2010-2410. | |||||
| CVE-2012-0527 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5, allows remote attackers to affect integrity via unknown vectors related to Schema Management, a different vulnerability than CVE-2012-0526. | |||||
| CVE-2010-3539 | 1 Oracle | 1 Peoplesoft And Jdedwards Product Suite | 2016-11-28 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2010-3538. | |||||
| CVE-2011-0823 | 1 Oracle | 6 Enterpriseone Tools, Jd Edwards Enterpriseone, Jd Edwards Enterpriseone Ep and 3 more | 2016-11-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect integrity, related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2011-0819. | |||||
| CVE-2009-3407 | 1 Oracle | 1 Application Server | 2016-11-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983. | |||||