Filtered by vendor Oracle
Subscribe
Total
9593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1695 | 2 Oracle, Sun | 3 Fusion Middleware, Jdk, Jre | 2017-12-14 | 10.0 HIGH | 6.8 MEDIUM |
| Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2012-0559 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Billing. | |||||
| CVE-2012-0533 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FCSM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Receivables. | |||||
| CVE-2012-0531 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect integrity via unknown vectors related to Enterprise Portal. | |||||
| CVE-2012-0530 | 1 Oracle | 1 Peoplesoft Products | 2017-12-13 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect integrity via unknown vectors related to eProcurement. | |||||
| CVE-2012-0522 | 1 Oracle | 1 Fusion Middleware | 2017-12-13 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Java Business Objects. | |||||
| CVE-2012-0516 | 1 Oracle | 1 Sun Products Suite | 2017-12-13 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console. | |||||
| CVE-2015-4020 | 2 Oracle, Rubygems | 2 Solaris, Rubygems | 2017-12-09 | 4.3 MEDIUM | N/A |
| RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900. | |||||
| CVE-2017-3319 | 1 Oracle | 1 Mysql | 2017-12-08 | 3.5 LOW | 3.1 LOW |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts). | |||||
| CVE-2017-3256 | 1 Oracle | 1 Mysql | 2017-12-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). | |||||
| CVE-2017-3251 | 1 Oracle | 1 Mysql | 2017-12-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts). | |||||
| CVE-2012-1710 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709. | |||||
| CVE-2012-1709 | 1 Oracle | 1 Fusion Middleware | 2017-12-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1710. | |||||
| CVE-2012-1693 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2017-12-07 | 2.6 LOW | N/A |
| Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 allows remote attackers to affect availability, related to XSCF Control Package (XCP). | |||||
| CVE-2012-1674 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-0582. | |||||
| CVE-2012-0582 | 1 Oracle | 1 Industry Applications | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-1674. | |||||
| CVE-2012-0580 | 1 Oracle | 1 Supply Chain Products Suite | 2017-12-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Supplier Portal. | |||||
| CVE-2012-0564 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50 and 8.51 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Query. | |||||
| CVE-2012-0562 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than CVE-2012-1748. | |||||
| CVE-2012-0561 | 1 Oracle | 1 Peoplesoft Products | 2017-12-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to PIA Core Technology. | |||||