Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6567 | 1 Oracle | 1 Database Server | 2025-04-12 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command. | |||||
| CVE-2016-0536 | 1 Oracle | 1 Universal Work Queue | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to error messages. | |||||
| CVE-2016-5486 | 1 Oracle | 1 Sun Zfs Storage Appliance Kit | 2025-04-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Services. | |||||
| CVE-2015-4791 | 1 Oracle | 1 Mysql | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges. | |||||
| CVE-2015-4874 | 1 Oracle | 1 Enterprise Manager Grid Control | 2025-04-12 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen. | |||||
| CVE-2016-0661 | 3 Canonical, Oracle, Redhat | 3 Ubuntu Linux, Mysql, Enterprise Linux | 2025-04-12 | 3.5 LOW | 4.7 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options. | |||||
| CVE-2016-0403 | 1 Oracle | 1 Solaris | 2025-04-12 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB Utilities. | |||||
| CVE-2016-5611 | 1 Oracle | 1 Vm Virtualbox | 2025-04-12 | 2.1 LOW | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core. | |||||
| CVE-2014-0455 | 4 Canonical, Ibm, Microsoft and 1 more | 5 Ubuntu Linux, Forms Viewer, Windows and 2 more | 2025-04-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402. | |||||
| CVE-2016-0674 | 1 Oracle | 1 Siebel Core-common Components | 2025-04-12 | 3.2 LOW | 4.4 MEDIUM |
| Unspecified vulnerability in the Siebel Core - Common Components component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality and integrity via vectors related to Email. | |||||
| CVE-2016-0699 | 1 Oracle | 1 Flexcube Direct Banking | 2025-04-12 | 9.4 HIGH | 9.1 CRITICAL |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component. | |||||
| CVE-2014-2398 | 5 Canonical, Debian, Ibm and 2 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2025-04-12 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. | |||||
| CVE-2015-6015 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file. | |||||
| CVE-2016-5696 | 3 Google, Linux, Oracle | 3 Android, Linux Kernel, Vm Server | 2025-04-12 | 5.8 MEDIUM | 4.8 MEDIUM |
| net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. | |||||
| CVE-2016-5456 | 1 Oracle | 1 Siebel Core-server Framework | 2025-04-12 | 6.3 MEDIUM | 5.3 MEDIUM |
| Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Services. | |||||
| CVE-2014-6534 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect integrity via vectors related to WLS Console. | |||||
| CVE-2014-2414 | 3 Canonical, Debian, Oracle | 4 Ubuntu Linux, Debian Linux, Jdk and 1 more | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB. | |||||
| CVE-2015-2635 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759. | |||||
| CVE-2016-1283 | 4 Fedoraproject, Oracle, Pcre and 1 more | 4 Fedora, Solaris, Pcre and 1 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. | |||||
| CVE-2015-4867 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4880. | |||||