Filtered by vendor Oracle
Subscribe
Total
9589 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2612 | 1 Oracle | 2 Hyperion Bi Plus Component, Oracle Application Server | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Hyperion BI Plus component in Oracle Application Server 8.3.2.4, 8.5.0.3, 9.2.0.3, 9.2.1.0, and 9.3.1.0 has unknown impact and remote attack vectors. | |||||
CVE-2009-1010 | 2 Ibm, Oracle | 2 Websphere Portal, Application Server | 2023-12-10 | 4.4 MEDIUM | N/A |
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. | |||||
CVE-2008-5440 | 1 Oracle | 1 Timesten In-memory Database | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. | |||||
CVE-2008-1826 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05. | |||||
CVE-2008-7237 | 1 Oracle | 1 Application Server | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06. | |||||
CVE-2008-4015 | 1 Oracle | 1 Database 10g | 2023-12-10 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Streams component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_STREAMS_AUTH. | |||||
CVE-2008-2620 | 1 Oracle | 3 Jd Edwards Enterpriseone, Peoplesoft Enterprise, Peoplesoft Peopletools Component | 2023-12-10 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2621, and CVE-2008-2622. | |||||
CVE-2008-1814 | 1 Oracle | 3 Application Server, Collaboration Suite, Database | 2023-12-10 | 9.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04. | |||||
CVE-2008-1811 | 1 Oracle | 1 Application Express | 2023-12-10 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows_030000.wwv_execute_immediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that APEX01 is for insufficient authorization checks for SQL commands in the run_ddl function in flows_030000.wwv_execute_immediate, allowing privilege escalation by certain non-DBA remote authenticated users. | |||||
CVE-2008-5456 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2023-12-10 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
CVE-2008-1812 | 1 Oracle | 2 Application Server, Database 9i | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01. | |||||
CVE-2008-3978 | 1 Oracle | 1 Database 10g | 2023-12-10 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
CVE-2009-3404 | 1 Oracle | 2 Jd Edwards Enterpriseone, Peoplesoft Enterprise | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft PeopleTools & Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.23 allows remote authenticated users to affect integrity via unknown vectors. | |||||
CVE-2008-2613 | 1 Oracle | 2 Database Scheduler, Database Server | 2023-12-10 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is an untrusted search path issue that allows local users to gain privileges via a malicious (1) libclntsh.so or (2) libnnz10.so library. | |||||
CVE-2009-2000 | 1 Oracle | 1 Database Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors. | |||||
CVE-2008-7239 | 1 Oracle | 1 E-business Suite 11i | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 allow remote attackers to affect confidentiality via unknown vectors related to the (1) Oracle Application Object Library (APP02) and (2) Oracle Applications Manager (APP04). | |||||
CVE-2009-1980 | 1 Oracle | 1 E-business Suite | 2023-12-10 | 6.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
CVE-2009-1976 | 1 Oracle | 1 Application Server | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | |||||
CVE-2009-1015 | 1 Oracle | 1 Database Server | 2023-12-10 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors. | |||||
CVE-2008-2138 | 1 Oracle | 1 Application Server Portal | 2023-12-10 | 5.0 MEDIUM | N/A |
Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the contents of /dav_portal/portal/ by sending a request containing a trailing "%0A" (encoded line feed), then using the session ID that is generated from that request. NOTE: as of 20080512, Oracle has not commented on the accuracy of this report. |