Filtered by vendor Oracle
Subscribe
Total
9593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-3242 | 1 Oracle | 1 Vm Server | 2017-01-31 | 1.9 LOW | 5.9 MEDIUM |
| Vulnerability in the Oracle VM Server for Sparc component of Oracle Sun Systems Products Suite (subcomponent: LDOM Manager). Supported versions that are affected are 3.2 and 3.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM Server for Sparc executes to compromise Oracle VM Server for Sparc. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM Server for Sparc, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM Server for Sparc. CVSS v3.0 Base Score 5.9 (Availability impacts). | |||||
| CVE-2017-3239 | 1 Oracle | 1 Glassfish Server | 2017-01-31 | 2.1 LOW | 3.3 LOW |
| Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GlassFish Server executes to compromise Oracle GlassFish Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GlassFish Server accessible data. CVSS v3.0 Base Score 3.3 (Confidentiality impacts). | |||||
| CVE-2017-3296 | 1 Oracle | 1 Commerce Platform | 2017-01-30 | 4.3 MEDIUM | 4.3 MEDIUM |
| Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). Supported versions that are affected are 10.0.3.5, 10.2.0.5 and 11.2.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Platform. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Commerce Platform accessible data. CVSS v3.0 Base Score 4.3 (Confidentiality impacts). | |||||
| CVE-2016-10086 | 5 Ca, Ibm, Linux and 2 more | 6 Service Desk Management, Service Desk Manager, Aix and 3 more | 2017-01-20 | 5.5 MEDIUM | 8.1 HIGH |
| RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request. | |||||
| CVE-2014-2470 | 1 Oracle | 1 Fusion Middleware | 2017-01-07 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Security. | |||||
| CVE-2014-2435 | 1 Oracle | 1 Mysql | 2017-01-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
| CVE-2014-2434 | 1 Oracle | 1 Mysql | 2017-01-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |||||
| CVE-2014-1561 | 2 Mozilla, Oracle | 2 Firefox, Solaris | 2017-01-07 | 5.8 MEDIUM | N/A |
| Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | |||||
| CVE-2014-1557 | 3 Debian, Mozilla, Oracle | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2017-01-07 | 9.3 HIGH | N/A |
| The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. | |||||
| CVE-2013-5793 | 1 Oracle | 1 Mysql | 2017-01-07 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786. | |||||
| CVE-2013-5786 | 1 Oracle | 1 Mysql | 2017-01-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5793. | |||||
| CVE-2013-5770 | 1 Oracle | 1 Mysql | 2017-01-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. | |||||
| CVE-2013-5767 | 1 Oracle | 1 Mysql | 2017-01-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2015-2574 | 1 Oracle | 1 Solaris | 2017-01-04 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality via unknown vectors related to Text Utilities. | |||||
| CVE-2016-0451 | 1 Oracle | 1 Goldengate | 2017-01-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-0452. | |||||
| CVE-2016-0450 | 1 Oracle | 1 Goldengate | 2017-01-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2015-0447 | 1 Oracle | 1 E-business Suite | 2017-01-03 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via vectors related to Configurator DMZ rules. | |||||
| CVE-2015-0448 | 1 Oracle | 1 Solaris | 2017-01-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to ZFS File system. | |||||
| CVE-2015-0449 | 1 Oracle | 1 Fusion Middleware | 2017-01-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console. | |||||
| CVE-2015-0414 | 1 Oracle | 1 Fusion Middleware | 2017-01-03 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Fabric Layer. | |||||