VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,010 total · sorted by risk
  • CVE-2017-3481MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with…

  • CVE-2017-3473MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker…

  • CVE-2017-3465MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to…

  • CVE-2017-3464MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access…

  • CVE-2017-3315MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the PeopleSoft Enterprise HCM ePerformance component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise…

  • CVE-2017-3296MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). Supported versions that are affected are 10.0.3.5, 10.2.0.5 and 11.2.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2017-3261MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.03

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2017-3247MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMTP to compromise…

  • CVE-2017-3231MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2016-8322MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2016-8309MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2016-8308MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2016-8302MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low…

  • CVE-2016-8301MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows…

  • CVE-2016-5614MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2016-8295MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.2 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2016-8294MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2016-8283MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.07

    Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.

  • CVE-2016-5621MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.01

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different…

  • CVE-2016-5613MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.00

    Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.

  • CVE-2016-5611MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.00

    Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.

  • CVE-2016-5603MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different…

  • CVE-2016-5596MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2016-5554MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.03

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.

  • CVE-2016-5522MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.01

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2016-5513MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.01

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager.

  • CVE-2016-5511MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2016-5479MedOct 25, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 allows remote authenticated users to affect confidentiality via vectors related to INFRA.

  • CVE-2016-3550MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.03

    Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.

  • CVE-2016-3540MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework.

  • CVE-2016-3517MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect integrity via vectors related to PC / Get Shortcut.

  • CVE-2016-3507MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect integrity via vectors related to WebClient / Admin.

  • CVE-2016-3475MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.02

    Unspecified vulnerability in the Oracle Knowledge component in Oracle Siebel CRM 8.5.x allows remote authenticated users to affect confidentiality via vectors related to Information Manager Console.

  • CVE-2016-3458MedJul 21, 2016
    risk 0.28cvss 4.3epss 0.03

    Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.

  • CVE-2016-3425MedApr 21, 2016
    risk 0.28cvss 4.3epss 0.04

    Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.

  • CVE-2016-3422MedApr 21, 2016
    risk 0.28cvss 4.3epss 0.03

    Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

  • CVE-2016-1965MedMar 13, 2016
    risk 0.28cvss 4.3epss 0.02

    Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.

  • CVE-2016-1958MedMar 13, 2016
    risk 0.28cvss 4.3epss 0.02

    browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.

  • CVE-2016-1957MedMar 13, 2016
    risk 0.28cvss 4.3epss 0.02

    Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.

  • CVE-2015-8629MedFeb 13, 2016
    risk 0.28cvss 5.3epss 0.04

    The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a…

  • CVE-2014-2532MedMar 18, 2014
    risk 0.28cvss 4.2epss 0.05

    sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

  • CVE-2011-4461MedDec 30, 2011
    risk 0.28cvss 5.3epss 0.05

    Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

  • CVE-2025-21553MedJan 21, 2025
    risk 0.27cvss 4.2epss 0.00

    Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.25, 21.3-21.16 and 23.4-23.6. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network…

  • CVE-2025-21494MedJan 21, 2025
    risk 0.27cvss 4.1epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to…

  • CVE-2024-21213MedOct 15, 2024
    risk 0.27cvss 4.2epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure…

  • CVE-2024-21180MedJul 16, 2024
    risk 0.27cvss 4.1epss 0.00

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to…

  • CVE-2024-21066MedApr 16, 2024
    risk 0.27cvss 4.2epss 0.00

    Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with logon to the infrastructure where RDBMS…

  • CVE-2023-22016MedJul 18, 2023
    risk 0.27cvss 4.2epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where…

  • CVE-2022-39404MedOct 18, 2022
    risk 0.27cvss 4.2epss 0.00

    Vulnerability in the MySQL Installer product of Oracle MySQL (component: Installer: General). Supported versions that are affected are 1.6.3 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Installer…

  • CVE-2022-21611MedOct 18, 2022
    risk 0.27cvss 4.1epss 0.00

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.30 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise…

Page 108 of 201