CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 1 and 1.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6540 2014-10-15 2014-10-24
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests.
2 CVE-2014-4248 2014-07-17 2014-08-01
1.0
None Local High Single system Partial None None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows local users to affect confidentiality via unknown vectors related to Logging.
3 CVE-2014-2488 2014-07-17 2014-07-17
1.0
None Local High Single system Partial None None
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality via unknown vectors related to Core.
4 CVE-2014-2485 2014-07-17 2014-07-18
1.4
None Local Low Multiple systems Partial None None
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows local users to affect confidentiality via unknown vectors related to Integration Business Services.
5 CVE-2013-5885 2014-01-15 2014-02-06
1.7
None Local Low Single system None Partial None
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity via unknown vectors related to Audit.
6 CVE-2013-5874 2014-01-15 2014-02-06
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows local users to affect confidentiality via unknown vectors related to Logging.
7 CVE-2013-5865 2013-10-16 2013-10-30
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect availability via unknown vectors related to Utility/User administration.
8 CVE-2013-5791 1 Exec Code Overflow 2013-10-16 2014-02-11
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is a stack-based buffer overflow in the Microsoft Access 1.x parser in vsacs.dll before 8.4.0.108 and before 8.4.1.52, which allows attackers to execute arbitrary code via a long field (aka column) name.
9 CVE-2013-5763 2013-12-12 2014-01-13
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure of this issue erroneously mapped it to CVE-2013-3624.
10 CVE-2013-2393 2013-04-17 2014-01-13
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
11 CVE-2013-2382 2013-04-17 2013-10-10
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 12.0.1 allows local users to affect confidentiality via vectors related to BASE.
12 CVE-2013-1546 2013-04-17 2013-10-10
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 3.1.0 and 5.0.2 through 12.0.1 allows local users to affect confidentiality via vectors related to BASE.
13 CVE-2013-1502 2013-04-17 2014-02-20
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
14 CVE-2012-3162 2012-10-16 2013-10-10
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows local users to affect confidentiality, related to MDS loading.
15 CVE-2012-3145 2012-10-16 2013-10-10
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.2.0 allows local users to affect confidentiality, related to BASE.
16 CVE-2012-3116 2012-07-17 2013-10-10
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows local users to affect confidentiality via unknown vectors.
17 CVE-2012-0494 2012-01-18 2014-02-20
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
18 CVE-2012-0075 2012-01-18 2014-02-20
1.7
None Remote High Multiple systems None Partial None
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
19 CVE-2011-3561 2011-10-19 2013-10-30
1.8
None Local Network High Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
20 CVE-2011-3541 2011-10-18 2014-01-13
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters.
21 CVE-2011-3539 2011-10-18 2011-10-29
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Zones.
22 CVE-2011-2318 2011-10-18 2012-01-19
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security.
23 CVE-2011-2312 2011-10-18 2011-12-23
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality, related to ZFS.
24 CVE-2011-2311 2011-10-18 2011-12-23
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS.
25 CVE-2011-2267 2011-07-20 2014-01-13
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.2.0 and 8.3.5.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
26 CVE-2011-2242 2011-07-20 2011-10-04
1.3
None Local Medium Multiple systems Partial None None
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.
27 CVE-2011-2240 2011-07-20 2011-10-04
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle Universal Installer component in Oracle Database Server 10.1.0.5 allows local users to affect confidentiality via unknown vectors.
28 CVE-2011-0796 2011-04-19 2011-04-20
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors.
29 CVE-2010-3597 2011-01-19 2014-01-13
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.0 allows local users to affect availability, related to Outside In Viewer SDK.
30 CVE-2010-3542 2010-10-14 2010-11-11
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB.
31 CVE-2010-2389 2010-10-13 2010-11-11
1.0
None Local High Single system None Partial None
Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon.
32 CVE-2010-2371 2010-07-13 2012-10-22
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-2372.
33 CVE-2009-3412 2010-01-12 2012-10-22
1.0
None Local High Single system Partial None None
Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors.
34 CVE-2009-3401 2009-10-22 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows local users to affect confidentiality via unknown vectors.
35 CVE-2009-1990 2009-10-22 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.
36 CVE-2008-5450 2009-01-13 2012-10-22
1.2
None Local High Not required Partial None None
Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.
37 CVE-2008-3987 2008-10-14 2012-10-22
1.0
None Local High Single system Partial None None
Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.
38 CVE-2008-3986 2008-10-14 2012-10-22
1.0
None Local High Single system Partial None None
Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
39 CVE-2008-3973 2009-01-13 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors.
40 CVE-2008-2619 2008-10-14 2012-10-29
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors.
41 CVE-2008-2587 2008-07-15 2012-10-22
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.
42 CVE-2007-0294 2007-01-16 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has unknown impact and attack vectors related to Database Cloning & Data Guard Management, aka EM06.
43 CVE-2007-0288 2007-01-16 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01.
44 CVE-2007-0287 2007-01-16 2012-10-22
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08.
Total number of vulnerabilities : 44   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.