VYPR

Opensso

by Oracle Corporation

CVEs (12)

  • CVE-2015-7182CriNov 5, 2015
    risk 0.65cvss 9.8epss 0.10

    Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service…

  • CVE-2015-0451Apr 16, 2015
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows remote authenticated users to affect confidentiality via vectors related to OpenSSO Web Agents.

  • CVE-2015-0389Jan 21, 2015
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592.

  • CVE-2014-6592Jan 21, 2015
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389.

  • CVE-2014-2426Apr 16, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.

  • CVE-2014-2425Apr 16, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2014-0465Apr 16, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console.

  • CVE-2013-1620Feb 8, 2013
    risk 0.00cvss epss 0.04

    The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and…

  • CVE-2012-0079Jan 18, 2012
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration.

  • CVE-2011-3517Oct 18, 2011
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.

  • CVE-2011-3506Oct 18, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.

  • CVE-2010-4444Jan 19, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.