Filtered by vendor Oracle
Subscribe
Total
10060 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0420 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services. | |||||
| CVE-2016-0409 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM Global Payroll Switzerland component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Security. | |||||
| CVE-2014-6539 | 1 Oracle | 1 E-business Suite | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6472. | |||||
| CVE-2016-5448 | 1 Oracle | 1 Integrated Lights Out Manager Firmware | 2025-04-12 | 6.4 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect integrity and availability via vectors related to SNMP. | |||||
| CVE-2014-9674 | 6 Canonical, Fedoraproject, Freetype and 3 more | 11 Ubuntu Linux, Fedora, Freetype and 8 more | 2025-04-12 | 7.5 HIGH | N/A |
| The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. | |||||
| CVE-2014-6511 | 1 Oracle | 2 Jdk, Jre | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | |||||
| CVE-2016-0549 | 1 Oracle | 1 E-business Intelligence | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Components, a different vulnerability than CVE-2016-0511, CVE-2016-0547, and CVE-2016-0548. | |||||
| CVE-2014-9670 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. | |||||
| CVE-2015-4763 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-12 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security. | |||||
| CVE-2015-0367 | 1 Oracle | 1 Fusion Middleware | 2025-04-12 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine. | |||||
| CVE-2016-5627 | 1 Oracle | 1 Mysql | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. | |||||
| CVE-2015-0467 | 1 Oracle | 1 Peoplesoft Products | 2025-04-12 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors related to Security. | |||||
| CVE-2016-3596 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | 9.0 HIGH | 8.6 HIGH |
| Unspecified vulnerability in the Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, and CVE-2016-3595. | |||||
| CVE-2014-2678 | 3 Fedoraproject, Linux, Oracle | 3 Fedora, Linux Kernel, Linux | 2025-04-12 | 4.7 MEDIUM | N/A |
| The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. | |||||
| CVE-2015-4827 | 1 Oracle | 1 Retail Applications | 2025-04-12 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework. | |||||
| CVE-2014-2436 | 3 Mariadb, Oracle, Redhat | 9 Mariadb, Mysql, Solaris and 6 more | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. | |||||
| CVE-2016-5264 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2025-04-12 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application. | |||||
| CVE-2015-2774 | 3 Erlang, Opensuse, Oracle | 3 Erlang\/otp, Opensuse, Solaris | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). | |||||
| CVE-2016-5601 | 1 Oracle | 1 Weblogic Server | 2025-04-12 | 3.3 LOW | 6.3 MEDIUM |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components. | |||||
| CVE-2015-0248 | 5 Apache, Apple, Opensuse and 2 more | 9 Subversion, Xcode, Opensuse and 6 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers. | |||||