CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2051 CVE-2012-3168 2013-01-17 2013-10-11
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Siebel Core - Server Infrastructure.
2052 CVE-2012-3166 2012-10-17 2020-08-06
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
2053 CVE-2012-3161 2012-10-16 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1.1 allows remote attackers to affect integrity via unknown vectors related to Web Client (CS).
2054 CVE-2012-3154 2012-10-16 2013-10-11
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1.0 allows remote authenticated users to affect confidentiality, related to ATTACH.
2055 CVE-2012-3150 2012-10-16 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
2056 CVE-2012-3144 2012-10-16 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
2057 CVE-2012-3141 2012-10-16 2017-08-29
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability than CVE-2012-3227.
2058 CVE-2012-3139 2012-10-16 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon (local and SSO).
2059 CVE-2012-3138 2012-10-16 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Web interface.
2060 CVE-2012-3134 2012-07-17 2013-10-11
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors.
2061 CVE-2012-3119 2012-07-17 2017-12-22
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway.
2062 CVE-2012-3118 2012-07-17 2017-12-22
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect confidentiality, related to PANPROC.
2063 CVE-2012-3117 2012-07-17 2017-12-22
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to HTTP.
2064 CVE-2012-3115 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11.1.1.5, and 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Install.
2065 CVE-2012-3114 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote attackers to affect integrity via unknown vectors.
2066 CVE-2012-2751 XSS Bypass 2012-07-22 2021-02-12
4.3
None Remote Medium Not required None Partial None
ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.
2067 CVE-2012-2749 399 DoS 2012-08-17 2019-12-17
4.0
None Remote Low ??? None None Partial
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
2068 CVE-2012-1763 2012-10-16 2013-10-11
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Applications 4.6.0 and 4.6.2 allows remote authenticated users to affect confidentiality, related to HTML Surround.
2069 CVE-2012-1761 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to UI Framework.
2070 CVE-2012-1760 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1742.
2071 CVE-2012-1759 2012-07-17 2017-08-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0.2 and 20.1 allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-1758.
2072 CVE-2012-1758 2012-07-17 2017-08-29
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0.2 and 20.1 allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-1759.
2073 CVE-2012-1757 2012-07-17 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
2074 CVE-2012-1756 2012-07-17 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
2075 CVE-2012-1755 2013-01-17 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 allows remote attackers to affect integrity via vectors related to PeopleBooks - PSOL.
2076 CVE-2012-1754 2012-07-17 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1732.
2077 CVE-2012-1748 2012-07-17 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than CVE-2012-0562.
2078 CVE-2012-1734 2012-07-17 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
2079 CVE-2012-1732 2012-07-17 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1754.
2080 CVE-2012-1730 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Password Management.
2081 CVE-2012-1729 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3 and earlier allows remote attackers to affect integrity via unknown vectors related to UI and Visualization.
2082 CVE-2012-1715 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity, related to HTML Pages.
2083 CVE-2012-1708 2012-05-03 2017-09-09
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors.
2084 CVE-2012-1707 2012-05-03 2016-11-22
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Core-Base, a different vulnerability than CVE-2012-1704.
2085 CVE-2012-1706 2012-05-03 2013-10-11
4.7
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Logging.
2086 CVE-2012-1705 2013-01-17 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
2087 CVE-2012-1700 2013-01-17 2013-10-11
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel UI Framework.
2088 CVE-2012-1697 2012-05-03 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
2089 CVE-2012-1696 2012-05-03 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
2090 CVE-2012-1690 2012-05-03 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.
2091 CVE-2012-1689 2012-07-17 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
2092 CVE-2012-1688 2012-05-03 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
2093 CVE-2012-1686 2012-10-16 2016-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.6 and other versions allows remote attackers to affect integrity via unknown vectors related to Installation.
2094 CVE-2012-1685 2012-10-16 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core.
2095 CVE-2012-1680 2013-01-17 2013-10-11
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Siebel Apps - Multi-channel Technologies.
2096 CVE-2012-1677 2013-01-17 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via unknown vectors.
2097 CVE-2012-1674 2012-05-03 2017-12-07
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-0582.
2098 CVE-2012-0583 2012-05-03 2019-12-17
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
2099 CVE-2012-0582 2012-05-03 2017-12-07
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-1674.
2100 CVE-2012-0581 2012-05-03 2016-05-18
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity, related to SCRM - Company Profiles.
Total number of vulnerabilities : 2425   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 (This Page)43 44 45 46 47 48 49
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.