Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Total 10698 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-5167 2 Oracle, Tidestone 2 Hyperion Strategic Finance, Formula One Activex Control 2026-06-16 9.3 HIGH N/A
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string to the DriverName parameter.
CVE-2011-5035 1 Oracle 1 Glassfish Server 2026-06-16 5.0 MEDIUM N/A
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.
CVE-2011-4517 7 Canonical, Debian, Fedoraproject and 4 more 9 Ubuntu Linux, Debian Linux, Fedora and 6 more 2026-06-16 6.8 MEDIUM N/A
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
CVE-2011-4516 6 Canonical, Debian, Fedoraproject and 3 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2026-06-16 6.8 MEDIUM N/A
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
CVE-2011-4461 2 Mortbay, Oracle 2 Jetty, Sun Storage Common Array Manager 2026-06-16 5.0 MEDIUM 5.3 MEDIUM
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
CVE-2011-4358 1 Oracle 1 Sun Glassfish Enterprise Server 2026-06-16 6.4 MEDIUM N/A
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.
CVE-2011-4093 4 Armin Burgmeier, Opensuse, Opensuse Project and 1 more 4 Net6, Opensuse, Opensuse and 1 more 2026-06-16 5.8 MEDIUM N/A
Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 might allow remote attackers to hijack connections and gain privileges as other users by making a large number of connections until the overflow occurs and an ID of another user is provided.
CVE-2011-4091 3 Armin Burgmeier, Opensuse, Oracle 3 Net6, Opensuse, Solaris 2026-06-16 5.0 MEDIUM N/A
The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences.
CVE-2011-3574 1 Oracle 1 Communications Unified 2026-06-16 3.3 LOW N/A
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server.
CVE-2011-3573 1 Oracle 1 Communications Unified 2026-06-16 4.0 MEDIUM N/A
Unspecified vulnerability in Oracle Communications Unified 7.0 allows remote authenticated users to affect availability via unknown vectors related to Calendar Server.
CVE-2011-3571 1 Oracle 1 Virtualization 2026-06-16 3.6 LOW N/A
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507.
CVE-2011-3570 1 Oracle 1 Communications Unified 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality via unknown vectors related to Calendar Server.
CVE-2011-3569 1 Oracle 1 Fusion Middleware 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Web Services Security.
CVE-2011-3568 1 Oracle 1 Fusion Middleware 2026-06-16 5.5 MEDIUM N/A
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Security.
CVE-2011-3566 1 Oracle 1 Fusion Middleware 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote attackers to affect availability via unknown vectors related to Web Container.
CVE-2011-3565 1 Oracle 1 Communications Unified 2026-06-16 4.6 MEDIUM N/A
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Calendar Server.
CVE-2011-3564 1 Oracle 1 Sun Glassfish Enterprise Server 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration.
CVE-2011-3563 2 Oracle, Sun 2 Jre, Jre 2026-06-16 6.4 MEDIUM N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
CVE-2011-3562 1 Oracle 1 Fusion Middleware 2026-06-16 4.3 MEDIUM N/A
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors.
CVE-2011-3561 2 Oracle, Sun 5 Javafx, Jdk, Jre and 2 more 2026-06-16 1.8 LOW N/A
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.