Filtered by vendor Oracle
Subscribe
Total
10171 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4817 | 1 Oracle | 1 Solaris | 2016-12-24 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver. | |||||
| CVE-2015-4862 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2016-12-24 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
| CVE-2015-5964 | 3 Canonical, Djangoproject, Oracle | 3 Ubuntu Linux, Django, Solaris | 2016-12-24 | 5.0 MEDIUM | N/A |
| The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors. | |||||
| CVE-2015-4848 | 1 Oracle | 1 Supply Chain Products Suite | 2016-12-24 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Integration with Peoplesoft. | |||||
| CVE-2015-4824 | 1 Oracle | 1 Supply Chain Products Suite | 2016-12-24 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2015-4888 | 1 Oracle | 1 Database Server | 2016-12-24 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4796. | |||||
| CVE-2015-4818 | 1 Oracle | 1 Peoplesoft Products | 2016-12-24 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 allows remote authenticated users to affect confidentiality and integrity via vectors related to PIA Core Technology. | |||||
| CVE-2015-4869 | 1 Oracle | 1 Solaris | 2016-12-24 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2015-4891 | 1 Oracle | 1 Solaris | 2016-12-24 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD. | |||||
| CVE-2015-4915 | 1 Oracle | 1 Oracle And Sun Systems Product Suite | 2016-12-24 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Management. | |||||
| CVE-2015-3219 | 3 Debian, Openstack, Oracle | 3 Debian Linux, Horizon, Solaris | 2016-12-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class. | |||||
| CVE-2015-4766 | 1 Oracle | 1 Mysql | 2016-12-24 | 1.9 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall. | |||||
| CVE-2015-4730 | 1 Oracle | 1 Mysql | 2016-12-24 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types. | |||||
| CVE-2015-4887 | 1 Oracle | 1 Peoplesoft Products | 2016-12-24 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ePerformance. | |||||
| CVE-2015-2642 | 1 Oracle | 1 Solaris | 2016-12-24 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip. | |||||
| CVE-2015-4797 | 1 Oracle | 1 Supply Chain Products Suite | 2016-12-24 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security. | |||||
| CVE-2015-2608 | 1 Oracle | 1 Communications Applications | 2016-12-24 | 10.0 HIGH | N/A |
| Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; (2) the Oracle Communications Performance Intelligence Center Software component in Oracle Communications Applications 9.0.3 and earlier and 10.1.5 and earlier; (3) the Oracle Communications Policy Management component in Oracle Communications Applications 9.9.0 and earlier, 10.5.0 and earlier, 11.5.0 and earlier, and 12.1.0 and earlier; and (4) the Oracle Communications Tekelec HLR Router component in Oracle Communications Applications 4.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to PMAC. | |||||
| CVE-2016-0618 | 1 Oracle | 1 Solaris | 2016-12-22 | 1.4 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via unknown vectors related to Zones. | |||||
| CVE-2016-0492 | 1 Oracle | 1 Application Testing Suite | 2016-12-22 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do. | |||||
| CVE-2016-0489 | 1 Oracle | 1 Application Testing Suite | 2016-12-22 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Test Manager for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the ActionServlet servlet, which allows remote authenticated users to upload and execute arbitrary files via directory traversal sequences in the tempfilename parameter in a ReportImage action. | |||||