Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5373 | 1 Oracle | 3 Jdk, Jre, Openjdk | 2025-04-11 | 5.0 MEDIUM | N/A |
| Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739. | |||||
| CVE-2010-0916 | 1 Oracle | 1 Opensolaris | 2025-04-11 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist. | |||||
| CVE-2012-0558 | 1 Oracle | 1 Primavera Products Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 6.2.1, 8.0, 8.1, and 8.2 allows remote attackers to affect integrity via unknown vectors related to Web application. | |||||
| CVE-2013-2566 | 4 Canonical, Fujitsu, Mozilla and 1 more | 24 Ubuntu Linux, M10-1, M10-1 Firmware and 21 more | 2025-04-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | |||||
| CVE-2014-0374 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Page Parameters and Events. | |||||
| CVE-2011-5035 | 1 Oracle | 1 Glassfish Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. | |||||
| CVE-2010-4430 | 1 Oracle | 1 Peoplesoft And Jdedwards Product Suite | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.1 Update 2010-F allows remote authenticated users to affect confidentiality via unknown vectors related to Absence Management. | |||||
| CVE-2010-3505 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders, Files & Attachments, a different vulnerability than CVE-2010-4429. | |||||
| CVE-2014-1483 | 5 Canonical, Mozilla, Opensuse and 2 more | 8 Ubuntu Linux, Firefox, Seamonkey and 5 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions. | |||||
| CVE-2011-0834 | 1 Oracle | 1 Siebel Crm | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive. | |||||
| CVE-2013-1542 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime. | |||||
| CVE-2012-5059 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-0392. | |||||
| CVE-2013-2387 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to BASE. | |||||
| CVE-2011-2241 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 10.1.3.4.1 and 11.1.1.3 allows remote attackers to affect availability via unknown vectors related to Analytics Server. | |||||
| CVE-2013-3822 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote attackers to affect integrity via unknown vectors related to Web Client (CS). | |||||
| CVE-2012-1675 | 1 Oracle | 1 Database Server | 2025-04-11 | 7.5 HIGH | N/A |
| The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka "TNS Poison." | |||||
| CVE-2012-3128 | 1 Oracle | 14 Netra Sparc T3-1, Netra Sparc T3-1b, Netra Sparc T4-1 and 11 more | 2025-04-11 | 3.7 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC T-Series Servers running System Firmware 8.2.0 and 8.1.4.e or earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Integrated Lights Out Manager. | |||||
| CVE-2010-2386 | 1 Oracle | 2 Opensolaris, Solaris | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to GigaSwift Ethernet Driver. | |||||
| CVE-2013-1562 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0 allows remote authenticated users to affect integrity via vectors related to HELP. | |||||
| CVE-2013-5831 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5819. | |||||