Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Total 10086 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-6595 2 Opensuse, Oracle 2 Opensuse, Vm Virtualbox 2025-04-12 3.2 LOW N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2015-0427.
CVE-2016-2791 5 Mozilla, Opensuse, Oracle and 2 more 6 Firefox, Leap, Opensuse and 3 more 2025-04-12 6.8 MEDIUM 8.8 HIGH
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVE-2016-3504 1 Oracle 1 Jdeveloper 2025-04-12 7.5 HIGH 9.8 CRITICAL
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces.
CVE-2015-0470 1 Oracle 2 Jdk, Jre 2025-04-12 4.3 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
CVE-2015-4911 1 Oracle 3 Jdk, Jre, Jrockit 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
CVE-2016-5486 1 Oracle 1 Sun Zfs Storage Appliance Kit 2025-04-12 4.9 MEDIUM 5.5 MEDIUM
Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Services.
CVE-2015-0511 1 Oracle 1 Mysql 2025-04-12 2.8 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
CVE-2015-4742 1 Oracle 1 Fusion Middleware 2025-04-12 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.
CVE-2014-6527 1 Oracle 1 Jre 2025-04-12 2.6 LOW N/A
Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6476.
CVE-2016-1965 3 Mozilla, Opensuse, Oracle 3 Firefox, Opensuse, Linux 2025-04-12 4.3 MEDIUM 4.3 MEDIUM
Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.
CVE-2015-2636 1 Oracle 1 Fusion Middleware 2025-04-12 7.5 HIGH N/A
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-4758, and CVE-2015-4759.
CVE-2015-4913 7 Canonical, Debian, Fedoraproject and 4 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
CVE-2015-4828 1 Oracle 1 Peoplesoft Products 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via vectors related to FIN Resource Management (Security).
CVE-2015-0432 7 Canonical, Debian, Fedoraproject and 4 more 14 Ubuntu Linux, Debian Linux, Fedora and 11 more 2025-04-12 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
CVE-2016-0434 1 Oracle 1 Retail Applications 2025-04-12 1.9 LOW N/A
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0436, CVE-2016-0437, and CVE-2016-0438.
CVE-2016-0617 1 Oracle 1 Linux 2025-04-12 4.6 MEDIUM 5.5 MEDIUM
Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
CVE-2016-5511 1 Oracle 1 Webcenter Sites 2025-04-12 4.3 MEDIUM 4.3 MEDIUM
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors.
CVE-2016-0412 1 Oracle 1 Peoplesoft Supply Chain Management Eprocurement 2025-04-12 3.5 LOW N/A
Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status.
CVE-2016-0777 5 Apple, Hp, Openbsd and 2 more 7 Mac Os X, Remote Device Access Virtual Customer Access System, Openssh and 4 more 2025-04-12 4.0 MEDIUM 6.5 MEDIUM
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2014-8768 4 Canonical, Opensuse, Oracle and 1 more 4 Ubuntu Linux, Opensuse, Solaris and 1 more 2025-04-12 5.0 MEDIUM N/A
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.