Filtered by vendor Oracle
Subscribe
Total
10456 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2837 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2026-05-06 | 6.8 MEDIUM | 6.3 MEDIUM |
| Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass. | |||||
| CVE-2016-5553 | 1 Oracle | 1 Solaris | 2026-05-06 | 4.7 MEDIUM | 5.0 MEDIUM |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors. | |||||
| CVE-2014-6525 | 1 Oracle | 1 E-business Suite | 2026-05-06 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates. | |||||
| CVE-2014-2416 | 1 Oracle | 1 Fusion Middleware | 2026-05-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2407, CVE-2014-2415, CVE-2014-2417, and CVE-2014-2418. | |||||
| CVE-2015-2725 | 3 Mozilla, Novell, Oracle | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2026-05-06 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2014-6520 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Linux Enterprise Desktop and 3 more | 2026-05-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL. | |||||
| CVE-2014-4279 | 1 Oracle | 1 Peoplesoft Products | 2026-05-06 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology. | |||||
| CVE-2016-5561 | 1 Oracle | 1 Solaris | 2026-05-06 | 2.6 LOW | 3.1 LOW |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE. | |||||
| CVE-2015-4920 | 1 Oracle | 1 Solaris | 2026-05-06 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vectors related to NDMP Backup Service. | |||||
| CVE-2014-6468 | 1 Oracle | 2 Jdk, Jre | 2026-05-06 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
| CVE-2015-6015 | 1 Oracle | 1 Outside In Technology | 2026-05-06 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file. | |||||
| CVE-2016-3159 | 4 Debian, Fedoraproject, Oracle and 1 more | 4 Debian Linux, Fedora, Vm Server and 1 more | 2026-05-06 | 1.7 LOW | 3.8 LOW |
| The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076. | |||||
| CVE-2015-4906 | 1 Oracle | 3 Javafx, Jdk, Jre | 2026-05-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916. | |||||
| CVE-2016-3474 | 1 Oracle | 1 Business Intelligence Publisher | 2026-05-06 | 4.3 MEDIUM | 3.7 LOW |
| Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality via vectors related to Security. | |||||
| CVE-2016-0684 | 1 Oracle | 1 Micros Arspos | 2026-05-06 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Retail MICROS ARS POS component in Oracle Retail Applications 1.5 allows remote authenticated users to affect confidentiality via vectors related to POS. | |||||
| CVE-2016-3438 | 1 Oracle | 1 Configurator | 2026-05-06 | 6.4 MEDIUM | 8.2 HIGH |
| Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via three unspecified parameters in an unknown JSP file. | |||||
| CVE-2015-4817 | 1 Oracle | 1 Solaris | 2026-05-06 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel Zones virtualized NIC driver. | |||||
| CVE-2014-4224 | 2 Oracle, Sun | 2 Sunos, Sunos | 2026-05-06 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs. | |||||
| CVE-2016-3434 | 1 Oracle | 1 Application Object Library | 2026-05-06 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Logout. | |||||
| CVE-2016-8283 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2026-05-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. | |||||