Filtered by vendor Oracle
Subscribe
Total
10171 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4305 | 1 Oracle | 1 Javafx | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue allows remote attackers to execute arbitrary code via vectors related to an "invalid type cast" and exposed native methods in the T2KGlyph class. | |||||
| CVE-2012-5078 | 1 Oracle | 1 Javafx | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2012-5080. | |||||
| CVE-2013-0401 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | |||||
| CVE-2012-5074 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS. | |||||
| CVE-2012-5070 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX. | |||||
| CVE-2012-5088 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | |||||
| CVE-2013-0439 | 1 Oracle | 1 Javafx | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. | |||||
| CVE-2013-0402 | 1 Oracle | 3 Javafx, Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | |||||
| CVE-2012-5082 | 1 Oracle | 1 Javafx | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2012-1726 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | |||||
| CVE-2012-0105 | 1 Oracle | 2 Virtualization, Vm Virtualbox | 2017-09-19 | 3.7 LOW | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Guest Additions. | |||||
| CVE-2012-0111 | 1 Oracle | 2 Virtualization, Vm Virtualbox | 2017-09-19 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders. | |||||
| CVE-2012-1543 | 1 Oracle | 1 Javafx | 2017-09-19 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an invalid type cast in the JSObject class. | |||||
| CVE-2011-2300 | 1 Oracle | 1 Vm Virtualbox | 2017-09-19 | 3.7 LOW | N/A |
| Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 through 4.0.8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows. | |||||
| CVE-2011-2305 | 1 Oracle | 1 Vm Virtualbox | 2017-09-19 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-4414 | 1 Oracle | 1 Vm Virtualbox | 2017-09-19 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Extensions. | |||||
| CVE-2010-3654 | 7 Adobe, Apple, Google and 4 more | 9 Acrobat, Acrobat Reader, Flash Player and 6 more | 2017-09-19 | 9.3 HIGH | N/A |
| Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. | |||||
| CVE-2010-3564 | 1 Oracle | 1 Sun Products Suite | 2017-09-19 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue. | |||||
| CVE-2010-0890 | 1 Oracle | 2 Opensolaris, Sun Products Suite | 2017-09-19 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel. | |||||
| CVE-2010-0882 | 1 Oracle | 2 Opensolaris, Sun Products Suite | 2017-09-19 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions. | |||||