CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-4270 2014-07-17 2014-08-01
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4269.
2 CVE-2014-4269 2014-07-17 2014-08-01
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270.
3 CVE-2014-4263 2014-07-17 2014-08-01
4.0
None Remote High Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
4 CVE-2014-4244 2014-07-17 2014-08-01
4.0
None Remote High Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
5 CVE-2014-4242 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console.
6 CVE-2014-4241 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.
7 CVE-2014-4239 2014-07-17 2014-08-01
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao).
8 CVE-2014-4238 2014-07-17 2014-08-01
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
9 CVE-2014-4237 2014-07-17 2014-08-01
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors.
10 CVE-2014-4233 2014-07-17 2014-08-01
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.
11 CVE-2014-4232 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application.
12 CVE-2014-4231 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel Travel & Transportation component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Diary.
13 CVE-2014-4230 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Open_UI.
14 CVE-2014-4228 2014-07-17 2014-08-01
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.
15 CVE-2014-4224 2014-07-17 2014-08-01
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs.
16 CVE-2014-4221 2014-07-17 2014-08-01
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
17 CVE-2014-4217 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, and 12.1.1.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.
18 CVE-2014-4215 2014-07-17 2014-08-01
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers.
19 CVE-2014-4213 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows remote attackers to affect integrity via unknown vectors.
20 CVE-2014-4212 2014-07-17 2014-08-01
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification.
21 CVE-2014-4207 2014-07-17 2014-08-01
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.
22 CVE-2014-4205 2014-07-17 2014-08-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework, a different vulnerability than CVE-2014-2491.
23 CVE-2014-4203 2014-07-17 2014-08-01
4.1
None Local Medium Single system Partial Partial Partial
Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Property Editing.
24 CVE-2014-2494 2014-07-17 2014-07-18
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.
25 CVE-2014-2492 2014-07-17 2014-07-17
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile Product Collaboration component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect integrity via unknown vectors related to Web client (PC).
26 CVE-2014-2491 2014-07-17 2014-07-18
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework, a different vulnerability than CVE-2014-4205.
27 CVE-2014-2489 2014-07-17 2014-07-17
4.1
None Local Medium Single system Partial Partial Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
28 CVE-2014-2471 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.
29 CVE-2014-2468 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via vectors related to Open_UI.
30 CVE-2014-2465 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
31 CVE-2014-2463 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application.
32 CVE-2014-2460 2014-04-15 2014-04-16
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users to affect confidentiality via vectors related to CSV Management.
33 CVE-2014-2458 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile Product Lifecycle component in Oracle Supply Chain Products Suite 6.1.0.3 and 6.1.1.3 allows remote attackers to affect integrity via unknown vectors related to Install.
34 CVE-2014-2457 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile Product Lifecycle component in Oracle Supply Chain Products Suite 6.0 and 6.1.0 allows remote attackers to affect integrity via unknown vectors related to Install.
35 CVE-2014-2454 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via unknown vectors related to User Interface.
36 CVE-2014-2453 2014-04-15 2014-04-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect integrity via unknown vectors related to User Interface.
37 CVE-2014-2452 2014-04-15 2014-06-21
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 allows remote authenticated users to affect availability via unknown vectors related to Webserver Plugin.
38 CVE-2014-2450 2014-04-15 2014-04-16
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
39 CVE-2014-2449 2014-04-15 2014-04-24
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise HRMS Talent Acquisition Manager component in Oracle PeopleSoft Products 9.0, 9.1, and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
40 CVE-2014-2446 2014-04-15 2014-04-16
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality via vectors related to QAS.
41 CVE-2014-2443 2014-04-15 2014-05-09
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Core Technology.
42 CVE-2014-2442 2014-04-15 2014-04-16
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.
43 CVE-2014-2441 2014-04-15 2014-04-16
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.
44 CVE-2014-2435 2014-04-15 2014-04-16
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
45 CVE-2014-2434 2014-04-15 2014-04-16
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.
46 CVE-2014-2429 2014-04-15 2014-04-16
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the PeopleSoft Enterprise CS Campus Self Service component in Oracle PeopleSoft Products 9.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Campus Mobile.
47 CVE-2014-2426 2014-04-15 2014-04-16
4.9
None Remote Medium Single system None Partial Partial
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.
48 CVE-2014-2425 2014-04-15 2014-04-16
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.
49 CVE-2014-2424 1 2014-04-15 2014-07-24
4.0
None Remote Low Single system None Partial None
Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.
50 CVE-2014-2419 2014-04-15 2014-06-18
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
Total number of vulnerabilities : 644   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.