CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1651 CVE-2015-0432 2015-01-21 2017-09-08
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
1652 CVE-2015-0431 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0 6.3.1, 6.3.2, 6.3.4, and 6.3.5 allows remote attackers to affect integrity via unknown vectors related to UI Infrastructure.
1653 CVE-2015-0425 2015-01-21 2017-09-08
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle Enterprise Asset Management component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Siebel Core - Unix/Windows.
1654 CVE-2015-0423 2015-04-16 2017-01-03
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
1655 CVE-2015-0422 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, and 6.3.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Infrastructure.
1656 CVE-2015-0420 2015-01-21 2017-01-03
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services.
1657 CVE-2015-0419 2015-01-21 2017-09-08
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2013-1510.
1658 CVE-2015-0417 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0388.
1659 CVE-2015-0415 2015-01-21 2017-09-08
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Session Management.
1660 CVE-2015-0409 2015-01-21 2017-09-08
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
1661 CVE-2015-0405 2015-04-16 2017-01-03
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.
1662 CVE-2015-0404 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Error Messages.
1663 CVE-2015-0402 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Integration - COM.
1664 CVE-2015-0401 2015-01-21 2017-01-03
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 and 11.1.1.7 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console.
1665 CVE-2015-0399 2015-01-21 2017-01-03
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 10.1.3.4.2 and 11.1.1.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Analytics Web General.
1666 CVE-2015-0398 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Clinical Trip Report.
1667 CVE-2015-0394 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality via unknown vectors related to Report Distribution.
1668 CVE-2015-0392 2015-01-21 2017-09-08
4.6
None Remote High ??? Partial Partial Partial
Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Config - Scripting.
1669 CVE-2015-0391 2015-01-21 2019-02-01
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.
1670 CVE-2015-0388 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2015-0417.
1671 CVE-2015-0387 2015-01-21 2017-09-08
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel Core - Server OM Services component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via vectors related to Security - LDAP Security Adapter.
1672 CVE-2015-0386 2015-01-21 2016-06-23
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener, a different vulnerability than CVE-2013-0338, CVE-2013-2877, and CVE-2014-0191.
1673 CVE-2015-0382 2015-01-21 2019-02-01
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
1674 CVE-2015-0381 2015-01-21 2019-02-01
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
1675 CVE-2015-0380 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Telecommunications Billing Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to OA Based UI for Bill Summary.
1676 CVE-2015-0379 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 allows remote attackers to affect integrity via vectors related to PIA Core Technology.
1677 CVE-2015-0377 2015-01-21 2018-10-30
4.4
None Local Medium ??? None None Complete
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418.
1678 CVE-2015-0376 2015-01-21 2016-06-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Content Server.
1679 CVE-2015-0371 2015-01-21 2017-09-08
4.9
None Remote Medium ??? None Partial Partial
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity and availability via unknown vectors.
1680 CVE-2015-0369 2015-01-21 2017-09-08
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to AX/HI Web UI.
1681 CVE-2015-0365 2015-01-21 2017-09-08
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Security.
1682 CVE-2015-0363 2015-01-21 2017-09-08
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Integration Business Services.
1683 CVE-2015-0275 17 DoS 2015-10-19 2019-12-27
4.9
None Local Low Not required None None Complete
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request.
1684 CVE-2015-0251 345 2015-04-08 2018-10-30
4.0
None Remote Low ??? None Partial None
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.
1685 CVE-2015-0239 269 DoS +Priv 2015-03-02 2020-05-21
4.4
None Local Medium Not required Partial Partial Partial
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction.
1686 CVE-2014-9671 DoS 2015-02-08 2018-10-30
4.3
None Remote Medium Not required None None Partial
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
1687 CVE-2014-9670 189 DoS Overflow 2015-02-08 2018-10-30
4.3
None Remote Medium Not required None None Partial
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
1688 CVE-2014-8559 400 DoS 2014-11-10 2020-08-13
4.9
None Local Low Not required None None Complete
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
1689 CVE-2014-6597 2015-01-21 2016-06-23
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52, 8.53, and 8.54 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.
1690 CVE-2014-6596 2015-01-21 2016-06-23
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework.
1691 CVE-2014-6594 2015-01-21 2016-06-23
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Learner Pages.
1692 CVE-2014-6593 2015-01-21 2020-09-08
4.0
None Remote High Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
1693 CVE-2014-6587 2015-01-21 2020-09-08
4.3
None Local Low ??? Partial Partial Partial
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
1694 CVE-2014-6584 2015-01-21 2016-06-23
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite ILOM before 3.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Backup Restore.
1695 CVE-2014-6580 2015-01-21 2016-06-23
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors.
1696 CVE-2014-6579 2015-01-21 2016-06-27
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality via unknown vectors related to Integration Broker.
1697 CVE-2014-6574 2015-01-21 2016-06-24
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 6.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Testing Protocol Library.
1698 CVE-2014-6573 2015-01-21 2016-06-24
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 11.1.3 and 12.1.4 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
1699 CVE-2014-6566 2015-01-21 2016-06-24
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via unknown vectors related to Portal.
1700 CVE-2014-6564 2014-10-15 2017-01-03
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.
Total number of vulnerabilities : 2425   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 (This Page)35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.