CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2151 CVE-2012-0085 2012-01-18 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2 and 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server.
2152 CVE-2012-0079 2012-01-18 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration.
2153 CVE-2012-0078 2012-01-18 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.2 and 12.1.3 allows remote authenticated users to affect confidentiality, related to REST Services (Menu, LOV).
2154 CVE-2012-0076 2012-01-18 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to ePerformance.
2155 CVE-2012-0074 2012-01-18 2017-08-29
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect integrity via unknown vectors related to Sales.
2156 CVE-2012-0073 2012-01-18 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Forms component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors.
2157 CVE-2012-0071 2012-10-16 2016-11-22
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote attackers to affect integrity via unknown vectors related to Web, a different vulnerability than CVE-2012-0093.
2158 CVE-2011-3573 2012-01-18 2012-02-07
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in Oracle Communications Unified 7.0 allows remote authenticated users to affect availability via unknown vectors related to Calendar Server.
2159 CVE-2011-3565 2012-01-18 2012-02-07
4.6
None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Calendar Server.
2160 CVE-2011-3562 2012-07-17 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect integrity via unknown vectors.
2161 CVE-2011-3530 2011-10-18 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality via unknown vectors related to eDevelopment.
2162 CVE-2011-3529 2011-10-18 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Talent Acquisition Manager.
2163 CVE-2011-3526 2011-10-18 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface.
2164 CVE-2011-3524 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-2326, and CVE-2011-3509.
2165 CVE-2011-3514 2012-01-18 2016-05-18
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect integrity, related to Enterprise Infrastructure SEC (JDENET).
2166 CVE-2011-3513 2011-10-18 2017-08-29
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity, related to HTML Pages.
2167 CVE-2011-3510 2011-10-18 2017-08-29
4.9
None Remote Medium ??? Partial Partial None
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security.
2168 CVE-2011-3509 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-2326, and CVE-2011-3524.
2169 CVE-2011-3506 2011-10-18 2012-11-27
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
2170 CVE-2011-3201 200 +Info 2013-03-08 2017-08-29
4.3
None Remote Medium Not required Partial None None
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
2171 CVE-2011-2326 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-3509, and CVE-2011-3524.
2172 CVE-2011-2325 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2326, CVE-2011-3509, and CVE-2011-3524.
2173 CVE-2011-2323 2011-10-18 2012-01-12
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Health Sciences - Oracle Thesaurus Management System component in Oracle Industry Applications 4.6.1 and 4.6.2 allows remote attackers to affect integrity, related to TMS Help.
2174 CVE-2011-2321 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDNET).
2175 CVE-2011-2319 2011-10-18 2017-09-09
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality, related to JMS.
2176 CVE-2011-2317 2012-01-18 2016-05-18
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect integrity, related to Enterprise Infrastucture SEC (JDNET).
2177 CVE-2011-2316 2011-10-18 2012-05-14
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel Apps - Marketing component in Oracle Siebel CRM 8.0.0 allows remote attackers to affect integrity via unknown vectors related to Email Marketing.
2178 CVE-2011-2314 2011-10-18 2011-12-24
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors related to JavaServer Pages.
2179 CVE-2011-2313 2011-10-18 2016-11-22
4.3
None Local Low ??? None None Complete
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS, a different vulnerability than CVE-2011-2311.
2180 CVE-2011-2309 2011-10-18 2012-01-12
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Health Sciences - Oracle Clinical, Remote Data Capture component in Oracle Industry Applications 4.6 and 4.6.2 allows remote attackers to affect integrity, related to RDC Help.
2181 CVE-2011-2308 2011-10-18 2012-01-14
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Online Help.
2182 CVE-2011-2304 2011-10-18 2011-12-24
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality, related to Network Services Library (libnsl).
2183 CVE-2011-2302 2011-10-18 2017-09-09
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Single Sign On.
2184 CVE-2011-2284 2011-07-21 2011-10-05
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 Bundle #17 allows remote authenticated users to affect confidentiality via unknown vectors related to ePerformance.
2185 CVE-2011-2280 2011-07-21 2016-11-23
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2011-2274.
2186 CVE-2011-2278 2011-07-21 2011-10-05
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9, Bundle, #24, 9.0, Bundle, #17, 9.1, Bundle, and #6 allows remote authenticated users to affect confidentiality via unknown vectors related to Talent Acquisition Manager.
2187 CVE-2011-2275 2011-07-21 2016-08-19
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.49.31, 8.50.20, and 8.51.11 allows remote attackers to affect integrity via unknown vectors.
2188 CVE-2011-2273 2011-07-21 2011-10-05
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Agile Core Technology component in Oracle Supply Chain Products Suite 9.3.0.3 and 9.3.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Search.
2189 CVE-2011-2264 Overflow 2011-07-21 2014-01-14
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect confidentiality, integrity, and availability via unknown vectors related to Outside In Filters. NOTE: the previous information was obtained from the July 2011 CPU. Oracle has not commented on claims from a reliable third party that this is a stack-based buffer overflow in the imcdr2.flt library for the CorelDRAW parser.
2190 CVE-2011-2251 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors.
2191 CVE-2011-2246 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Financials.
2192 CVE-2011-2238 2011-07-20 2011-10-05
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL.
2193 CVE-2011-2231 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote attackers to affect availability via unknown vectors.
2194 CVE-2011-0884 2011-07-20 2011-10-05
4.0
None Remote Low ??? None None Partial
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Fusion Middleware 11.1.1.3.0, 11.1.1.4.0, and 11.1.1.5.0 allows remote authenticated users to affect availability, related to BPEL Console.
2195 CVE-2011-0883 2011-07-20 2011-10-05
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.2.3, 10.1.3.5, 10.1.4.0.1, and 10.1.4.3 allows remote authenticated users to affect integrity, related to Servlet Runtime in OC4J.
2196 CVE-2011-0881 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the EMCTL component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors.
2197 CVE-2011-0879 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors.
2198 CVE-2011-0877 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors.
2199 CVE-2011-0876 2011-07-20 2011-10-05
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors related to Security.
2200 CVE-2011-0856 2011-04-20 2012-08-02
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA through 8.49.30, 8.50 GA through 8.50.17, and 8.51 GA through 8.51.07 allows remote authenticated users to affect confidentiality via unknown vectors.
Total number of vulnerabilities : 2425   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 (This Page)45 46 47 48 49
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.