Filtered by vendor Oracle
Subscribe
Total
10174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1830 | 2 Jdedwards, Oracle | 2 Enterpriseone, Peoplesoft Hcm Eperformance | 2025-04-09 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03. | |||||
| CVE-2008-4017 | 1 Oracle | 1 Application Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2007-0272 | 1 Oracle | 1 Database Server | 2025-04-09 | 8.5 HIGH | N/A |
| Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. | |||||
| CVE-2006-5372 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS11 for Oracle Universal Work Queue and (2) APPS12 for Oracle Application Object Library. | |||||
| CVE-2007-3862 | 1 Oracle | 1 Application Server | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01. | |||||
| CVE-2006-5376 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.22 GA, 8.46 GA, 8.47 GA, 8.48 GA, 8.22.11, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) PSE04, (2) PSE06, (3) PSE07, and (4) PSE08. | |||||
| CVE-2006-6703 | 1 Oracle | 2 Oracle10g, Oracle9i | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors. | |||||
| CVE-2008-2992 | 2 Adobe, Oracle | 3 Acrobat, Acrobat Reader, Solaris | 2025-04-09 | 9.3 HIGH | 7.8 HIGH |
| Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. | |||||
| CVE-2006-5362 | 1 Oracle | 1 Application Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 10.1.3.0.0 has unknown impact and remote attack vectors, aka Vuln# OC4J04. | |||||
| CVE-2009-3393 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2008-2601 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. | |||||
| CVE-2009-3396 | 1 Oracle | 1 Bea Product Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2.3, 10.0.1, and 10.3 allows remote attackers to affect integrity, related to WLS Console. | |||||
| CVE-2007-3854 | 1 Oracle | 9 Apex, Application Server, Collaboration Suite and 6 more | 2025-04-09 | 5.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. | |||||
| CVE-2008-2615 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component | 2025-04-09 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622. | |||||
| CVE-2007-5520 | 1 Oracle | 2 Application Server, Database Server | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05. | |||||
| CVE-2007-2703 | 1 Oracle | 1 Weblogic Portal | 2025-04-09 | 3.6 LOW | N/A |
| BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources. | |||||
| CVE-2007-2123 | 1 Oracle | 1 Application Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04. | |||||
| CVE-2008-7233 | 1 Oracle | 2 Application Server, E-business Suite 11i | 2025-04-09 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02. | |||||
| CVE-2008-3976 | 1 Oracle | 2 Database 10g, Database 9i | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414. | |||||
| CVE-2008-2581 | 1 Oracle | 2 Bea Product Suite, Weblogic Server Component | 2025-04-09 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer. | |||||