Filtered by vendor Oracle
Subscribe
Total
10174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0983 | 1 Oracle | 1 Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407. | |||||
| CVE-2009-0979 | 1 Oracle | 1 Database 9i | 2025-04-09 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-1977 | 1 Oracle | 1 Secure Backup | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php. | |||||
| CVE-2010-0080 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2025-04-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle, #21 and 9.0 Bundle #11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2007-0281 | 1 Oracle | 3 Application Server, Collaboration Suite, Http Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.1, and 10.1.3.0; and Collaboration Suite 9.0.4.2 and 10.1.2; have unknown impact and attack vectors related to the Oracle HTTP Server, aka (1) OHS03 and (2) OHS04. | |||||
| CVE-2007-5519 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS04. | |||||
| CVE-2007-0278 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14). | |||||
| CVE-2009-0980 | 1 Oracle | 2 Database 10g, Database 11g | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 allows remote authenticated users to affect integrity and availability, related to AGGXQIMP. | |||||
| CVE-2009-1015 | 1 Oracle | 1 Database Server | 2025-04-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2008-0346 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01. | |||||
| CVE-2006-5368 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Exchange component in Oracle E-Business Suite 6.2.4 has unknown impact and remote attack vectors, aka Vuln# APPS01. | |||||
| CVE-2008-2751 | 2 Oracle, Sun | 2 Glassfish Server, Java System Application Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote attackers to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (2) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:resTypeProp:resType, (3) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:factoryClassProp:factoryClass, or (4) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:descProp:desc parameter to (a) resourceNode/customResourceNew.jsf; the (5) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, (6) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:resTypeProp:resType, (7) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:factoryClassProp:factoryClass, (8) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiLookupProp:jndiLookup, or (9) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:descProp:desc parameter to (b) resourceNode/externalResourceNew.jsf; the (10) propertyForm:propertySheet:propertSectionTextField:jndiProp:Jndi, (11) propertyForm:propertySheet:propertSectionTextField:nameProp:name, or (12) propertyForm:propertySheet:propertSectionTextField:descProp:desc parameter to (c) resourceNode/jmsDestinationNew.jsf; the (13) propertyForm:propertySheet:generalPropertySheet:jndiProp:Jndi or (14) propertyForm:propertySheet:generalPropertySheet:descProp:cd parameter to (d) resourceNode/jmsConnectionNew.jsf; the (15) propertyForm:propertySheet:propertSectionTextField:jndiProp:jnditext or (16) propertyForm:propertySheet:propertSectionTextField:descProp:desc parameter to (e) resourceNode/jdbcResourceNew.jsf; the (17) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:nameProp:name, (18) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:classNameProp:classname, or (19) propertyForm:propertyContentPage:propertySheet:propertSectionTextField:loadOrderProp:loadOrder parameter to (f) applications/lifecycleModulesNew.jsf; or the (20) propertyForm:propertyContentPage:propertySheet:generalPropertySheet:jndiProp:name, (21) propertyForm:propertyContentPage:propertySheet:generalPropertySheet:resTypeProp:resType, or (22) propertyForm:propertyContentPage:propertySheet:generalPropertySheet:dbProp:db parameter to (g) resourceNode/jdbcConnectionPoolNew1.jsf. | |||||
| CVE-2009-3412 | 1 Oracle | 2 Application Server, Database Server | 2025-04-09 | 1.0 LOW | N/A |
| Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors. | |||||
| CVE-2008-5436 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors. | |||||
| CVE-2006-7067 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.0 MEDIUM | N/A |
| Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE: this issue was originally disputed by a third party, but the dispute was retracted. NOTE: this issue was called an "integer overflow" in the original source, but this might be incorrect. | |||||
| CVE-2007-0293 | 1 Oracle | 1 Enterprise Manager | 2025-04-09 | 6.4 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors related to (1) Oracle Agent (EM03) and (2) EM04 and (3) EM05 in Enterprise Manager Console. NOTE: EM05 might be related to CVE-2007-0222. | |||||
| CVE-2008-2621 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component | 2025-04-09 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, and CVE-2008-2622. | |||||
| CVE-2007-0287 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | 1.7 LOW | N/A |
| Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08. | |||||
| CVE-2009-0990 | 1 Oracle | 1 Application Server | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. | |||||
| CVE-2009-4019 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-09 | 4.0 MEDIUM | N/A |
| mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement. | |||||