Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Total 10698 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4428 1 Oracle 1 Peoplesoft And Jdedwards Product Suite 2026-06-16 4.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.0 Update 2010-F allows remote authenticated users to affect confidentiality via unknown vectors related to Absence Management.
CVE-2010-4427 1 Oracle 1 Fusion Middleware 2026-06-16 3.5 LOW N/A
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Web Server.
CVE-2010-4426 1 Oracle 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 through 8.50.14, and 8.51.0 through 8.51.04 allows remote attackers to affect integrity, related to PIA Core Technology.
CVE-2010-4425 1 Oracle 1 Fusion Middleware 2026-06-16 3.5 LOW N/A
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2, 10.1.3.4.0, and 10.1.3.4.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Server.
CVE-2010-4424 1 Oracle 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 through 8.50.14, and 8.51.0 through 8.51.04 allows remote attackers to affect availability via unknown vectors related to the Security sub-component.
CVE-2010-4423 2 Microsoft, Oracle 2 Windows, Database Server 2026-06-16 6.9 MEDIUM N/A
Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2010-4421 1 Oracle 1 Database Server 2026-06-16 6.8 MEDIUM N/A
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2010-4420 1 Oracle 1 Database Server 2026-06-16 3.6 LOW N/A
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local users to affect confidentiality and integrity via unknown vectors.
CVE-2010-4419 1 Oracle 1 Peoplesoft And Jdedwards Product Suite 2026-06-16 5.5 MEDIUM N/A
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #31 and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture.
CVE-2010-4418 1 Oracle 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51GA through 8.51.05 allows remote attackers to affect confidentiality, integrity, and availability, related to PIA Core Technology.
CVE-2010-4417 1 Oracle 1 Beehive 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that voice-servlet/prompt-qa/Index.jspf does not properly handle null (%00) bytes in the evaluation parameter that is used in a filename, which allows attackers to create a file with an executable extension and execute arbitrary JSP code.
CVE-2010-4416 1 Oracle 1 Fusion Middleware 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3.0.0.4 allows remote attackers to affect availability via unknown vectors related to Server. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party researcher that this is a buffer overflow via a crafted XML soap request and a value that does not contain the expected 0x20 terminator character.
CVE-2010-4414 1 Oracle 1 Vm Virtualbox 2026-06-16 6.8 MEDIUM N/A
Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Extensions.
CVE-2010-4413 1 Oracle 1 Database Server 2026-06-16 4.3 MEDIUM N/A
Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2010-4178 2 Fedoraproject, Oracle 2 Fedora, Mysql-gui-tools 2026-06-16 2.1 LOW 5.5 MEDIUM
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console
CVE-2010-4177 2 Fedoraproject, Oracle 2 Fedora, Mysql-gui-tools 2026-06-16 2.1 LOW 5.5 MEDIUM
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.
CVE-2010-4007 1 Oracle 1 Mojarra 2026-06-16 5.0 MEDIUM N/A
Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057.
CVE-2010-3840 2 Mysql, Oracle 2 Mysql, Mysql 2026-06-16 4.0 MEDIUM N/A
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
CVE-2010-3839 2 Mysql, Oracle 2 Mysql, Mysql 2026-06-16 4.0 MEDIUM N/A
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
CVE-2010-3838 2 Mysql, Oracle 2 Mysql, Mysql 2026-06-16 4.0 MEDIUM N/A
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."