VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,082 total · sorted by risk
  • CVE-2017-3295HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters ). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3294HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters ). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3270HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3269HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3268HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3267HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-3253HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.04

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2016-5546HigJan 27, 2017
    risk 0.49cvss 7.5epss 0.03

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows…

  • CVE-2016-6664HigDec 13, 2016
    risk 0.49cvss 7.0epss 0.03

    mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before…

  • CVE-2016-6663HigDec 13, 2016
    risk 0.49cvss 7.0epss 0.04

    Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and…

  • CVE-2016-5842HigDec 13, 2016
    risk 0.49cvss 7.5epss 0.06

    MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.

  • CVE-2016-5562HigOct 25, 2016
    risk 0.49cvss 7.6epss 0.01

    Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2016-5500HigOct 25, 2016
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to Viewer.

  • CVE-2016-5495HigOct 25, 2016
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to EUL Code & Schema.

  • CVE-2016-4809HigSep 21, 2016
    risk 0.49cvss 7.5epss 0.05

    The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink.

  • CVE-2016-5449HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.03

    Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect availability via vectors related to Console Redirection.

  • CVE-2016-3528HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.04

    Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect availability via vectors related to Expenses Admin Utilities.

  • CVE-2016-3526HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.04

    Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3529 and CVE-2016-3560.

  • CVE-2016-3515HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.04

    Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote attackers to affect confidentiality via unknown vectors.

  • CVE-2016-3479HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.04

    Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

  • CVE-2016-3471HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.00

    Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

  • CVE-2016-4998HigJul 3, 2016
    risk 0.49cvss 7.1epss 0.02

    The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access…

  • CVE-2016-3627HigMay 17, 2016
    risk 0.49cvss 7.5epss 0.07

    The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.

  • CVE-2016-2381HigApr 8, 2016
    risk 0.49cvss 7.5epss 0.09

    Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

  • CVE-2015-3276HigDec 7, 2015
    risk 0.49cvss 7.5epss 0.05

    The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

  • CVE-2015-7236HigOct 1, 2015
    risk 0.49cvss 7.5epss 0.06

    Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.

  • CVE-2009-1955HigJun 8, 2009
    risk 0.49cvss 7.5epss 0.53

    The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document…

  • CVE-2026-46818HigMay 28, 2026
    risk 0.48cvss 7.4epss 0.00

    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle…

  • CVE-2026-21932HigJan 20, 2026
    risk 0.48cvss 7.4epss 0.00

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle…

  • CVE-2018-2990HigJul 18, 2018
    risk 0.48cvss 7.4epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Difficult to exploit vulnerability allows unauthenticated attacker with network access via…

  • CVE-2018-2966HigJul 18, 2018
    risk 0.48cvss 7.4epss 0.01

    Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2018-2920HigJul 18, 2018
    risk 0.48cvss 7.4epss 0.01

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). The supported version that is affected is Prior to 8.7.19. Easily exploitable vulnerability allows low privileged attacker with network access…

  • CVE-2018-2850HigApr 19, 2018
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2018-2804HigApr 19, 2018
    risk 0.48cvss 7.4epss 0.02

    Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated…

  • CVE-2018-2783HigApr 19, 2018
    risk 0.48cvss 7.4epss 0.04

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows…

  • CVE-2018-2774HigApr 19, 2018
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: SQR). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2018-2742HigApr 19, 2018
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Framework). Supported versions that are affected are 12.2.2 and 12.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access…

  • CVE-2018-2660HigJan 18, 2018
    risk 0.48cvss 7.4epss 0.01

    Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged…

  • CVE-2018-2637HigJan 18, 2018
    risk 0.48cvss 7.4epss 0.05

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows…

  • CVE-2018-2568HigJan 18, 2018
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2017-10391HigOct 19, 2017
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent: Administration). Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2017-10333HigOct 19, 2017
    risk 0.48cvss 7.4epss 0.01

    Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework.…

  • CVE-2017-10265HigOct 19, 2017
    risk 0.48cvss 7.3epss 0.01

    Vulnerability in the Oracle Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: System Management). The supported version that is affected is Prior to 3.2.6. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2017-10206HigAug 8, 2017
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2017-10145HigAug 8, 2017
    risk 0.48cvss 7.4epss 0.02

    Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2017-10104HigAug 8, 2017
    risk 0.48cvss 7.4epss 0.01

    Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Java Advanced Management Console: 2.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…

  • CVE-2017-10019HigAug 8, 2017
    risk 0.48cvss 7.4epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2017-3547HigApr 24, 2017
    risk 0.48cvss 7.4epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access…

  • CVE-2017-3507HigApr 24, 2017
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Console Design). Supported versions that are affected are 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with…

  • CVE-2017-3497HigApr 24, 2017
    risk 0.48cvss 7.3epss 0.02

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols…

Page 18 of 202