Filtered by vendor Oracle
Subscribe
Total
10697 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3395 | 1 Oracle | 1 E-business Suite | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the AutoVue component in Oracle E-Business Suite 19.3.2 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2009-3393 | 1 Oracle | 1 E-business Suite | 2026-06-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-3392 | 1 Oracle | 1 E-business Suite | 2026-06-16 | 5.4 MEDIUM | N/A |
| Unspecified vulnerability in the Agile Engineering Data Management (EDM) component in Oracle E-Business Suite 6.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-2857 | 1 Oracle | 2 Opensolaris, Solaris | 2026-06-16 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. | |||||
| CVE-2009-2625 | 7 Apache, Canonical, Debian and 4 more | 9 Xerces2 Java, Ubuntu Linux, Debian Linux and 6 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework. | |||||
| CVE-2009-2446 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-06-16 | 8.5 HIGH | N/A |
| Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-2282 | 1 Oracle | 2 Opensolaris, Solaris | 2026-06-16 | 4.6 MEDIUM | N/A |
| The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors. | |||||
| CVE-2009-2002 | 1 Oracle | 1 Bea Product Suite | 2026-06-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 8.1.6, 9.2.3, 10.0.1, 10.2.1, and 10.3.1.0.0 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-2001 | 1 Oracle | 1 Database Server | 2026-06-16 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-2000 | 1 Oracle | 1 Database Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2009-1999 | 1 Oracle | 1 Application Server | 2026-06-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Business Intelligence Enterprise Edition component in unspecified Oracle Application Server versions allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2009-1998 | 1 Oracle | 1 Industry Applications | 2026-06-16 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Communications Order and Service Management component in Oracle Industry Applications 2.8.0, 6.2.0, 6.3.0, and 6.3.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2009-1997 | 1 Oracle | 1 Database Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2009-1996 | 1 Oracle | 1 Database Server | 2026-06-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Logical Standby component in Oracle Database allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2009-1995 | 1 Oracle | 1 Database Server | 2026-06-16 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_AQ_INV. | |||||
| CVE-2009-1994 | 1 Oracle | 1 Database Server | 2026-06-16 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to MDSYS.PRVT_CMT_CBK. | |||||
| CVE-2009-1993 | 1 Oracle | 1 Database Server | 2026-06-16 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE. | |||||
| CVE-2009-1992 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2026-06-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-1991 | 1 Oracle | 1 Database Server | 2026-06-16 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an established researcher that this is for multiple SQL injection vulnerabilities via the (1) idx_owner or (2) idx_name parameters to the create_tables procedure. | |||||
| CVE-2009-1990 | 1 Oracle | 1 Application Server | 2026-06-16 | 1.7 LOW | N/A |
| Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors. | |||||
