Filtered by vendor Oracle
Subscribe
Total
10175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2133 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01. | |||||
| CVE-2008-2597 | 1 Oracle | 2 Times Ten Client Server Component, Times Ten In Memory Database | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2598 and CVE-2008-2599. | |||||
| CVE-2008-4000 | 2 Jdedwards, Oracle | 4 Enterpriseone, Jd Edwards Enterpriseone, Peoplesoft Enterprise and 1 more | 2025-04-09 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue allows bypass of the lockout mechanism using brute force guessing of credentials and a response discrepancy information leak when the password is correct. | |||||
| CVE-2007-2583 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Mysql | 2025-04-09 | 4.0 MEDIUM | N/A |
| The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. | |||||
| CVE-2008-4011 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 2.1 LOW | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2010-0077 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2010-0070 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2008-2611 | 1 Oracle | 3 Core Rdbms Component, Database Server, Oracle Database | 2025-04-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. | |||||
| CVE-2008-0340 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). | |||||
| CVE-2007-2132 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 has unknown impact and attack vectors, aka PSE02. | |||||
| CVE-2006-5366 | 1 Oracle | 1 Application Server | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and remote attack vectors related to (1) Oracle Containers for J2EE, aka Vuln# OC4J01, and (2) Oracle Process Mgmt & Notification, aka OPMN01. | |||||
| CVE-2007-2692 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-09 | 6.0 MEDIUM | N/A |
| The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges. | |||||
| CVE-2006-5349 | 1 Oracle | 1 Http Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07. | |||||
| CVE-2007-4467 | 1 Oracle | 1 Jinitiator | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control (beans.ocx) 1.1.8.16 and earlier, as used by Oracle Forms applications from Oracle and third parties, allow remote attackers to execute arbitrary code via unspecified "initialization parameters." NOTE: it was later reported that 1.1.8.3 through 1.1.8.25, and probably 1.1.5.x and 1.1.7.x, are affected. | |||||
| CVE-2007-3864 | 1 Oracle | 1 Collaboration Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10.1.2 have unknown impact and remote attack vectors via (1) Instant Messaging/Presence (OCS01) and (2) Oracle Single Sign On (AS02). | |||||
| CVE-2008-3999 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T. | |||||
| CVE-2008-5459 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2008-3991 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990. | |||||
| CVE-2008-0870 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | 7.5 HIGH | N/A |
| BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | |||||
| CVE-2008-0868 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors. | |||||