VYPR

Vendor CVEs

Oracle Corporation

All CVEs

10,082 total · sorted by risk
  • CVE-2009-1991Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the…

  • CVE-2009-1990Oct 22, 2009
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Business Intelligence Enterprise Edition component in Oracle Application Server 10.1.3.4.1 allows local users to affect confidentiality via unknown vectors.

  • CVE-2009-1985Oct 22, 2009
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2009-1972Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.

  • CVE-2009-1971Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.7 allows remote authenticated users to affect integrity via unknown vectors.

  • CVE-2009-1965Oct 22, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Net Foundation Layer component in Oracle Database 9.2.0.8 and 10.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2009-1964Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2009-1018Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LTRIC (WMSYS.LTRIC).

  • CVE-2009-1007Oct 22, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DMP_SYS.

  • CVE-2009-3609Oct 21, 2009
    risk 0.00cvss epss 0.04

    Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that…

  • CVE-2009-3519Oct 1, 2009
    risk 0.00cvss epss 0.00

    Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCPROTO, and (4) M_SIG STREAMS messages.

  • CVE-2008-7239Sep 14, 2009
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 allow remote attackers to affect confidentiality via unknown vectors related to the (1) Oracle Application Object Library (APP02) and (2) Oracle Applications Manager (APP04).

  • CVE-2008-7238Sep 14, 2009
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors…

  • CVE-2008-7237Sep 14, 2009
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06.

  • CVE-2008-7236Sep 14, 2009
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05.

  • CVE-2008-7235Sep 14, 2009
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04.

  • CVE-2008-7234Sep 14, 2009
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03.

  • CVE-2008-7233Sep 14, 2009
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator…

  • CVE-2009-2625Aug 6, 2009
    risk 0.00cvss epss 0.30

    XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via…

  • CVE-2009-1989Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the PeopleSoft Enterprise FMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 33, and 9.0 Bundle 24 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2009-1988Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the PeopleSoft Enterprise HRMS eProfile Manager component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1, 8.9 Bundle 19, and 9.0 Bundle 9 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2009-1987Jul 14, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools - Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.21 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2009-1986Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.

  • CVE-2009-1984Jul 14, 2009
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator.

  • CVE-2009-1983Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2009-1982Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.6 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2009-1981Jul 14, 2009
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Highly Interactive Client component in Siebel Product Suite 7.5.3, 7.7.2, 7.8.2, 8.0.0.5, and 8.1.0 allows local users to affect confidentiality and integrity via unknown vectors.

  • CVE-2009-1980Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2009-1976Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the HTTP Server component in Oracle Application Server 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2009-1974Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Servlet Container Package.

  • CVE-2009-1973Jul 14, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Virtual Private Database component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to VPD policies.

  • CVE-2009-1969Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality via unknown vectors.

  • CVE-2009-1967Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1966.

  • CVE-2009-1966Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967.

  • CVE-2009-1021Jul 14, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2009-1015Jul 14, 2009
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors.

  • CVE-2009-0987Jul 14, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2009-0217Jul 14, 2009
    risk 0.00cvss epss 0.06

    The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA…

  • CVE-2009-2445Jul 13, 2009
    risk 0.00cvss epss 0.03

    Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.

  • CVE-2009-2296Jul 2, 2009
    risk 0.00cvss epss 0.04

    The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.

  • CVE-2009-2282Jul 1, 2009
    risk 0.00cvss epss 0.00

    The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain…

  • CVE-2009-1933Jun 5, 2009
    risk 0.00cvss epss 0.00

    Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.

  • CVE-2009-0165Apr 23, 2009
    risk 0.00cvss epss 0.04

    Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn."

  • CVE-2009-1183Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

  • CVE-2009-1181Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

  • CVE-2009-1180Apr 23, 2009
    risk 0.00cvss epss 0.05

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

  • CVE-2009-1179Apr 23, 2009
    risk 0.00cvss epss 0.06

    Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2009-0800Apr 23, 2009
    risk 0.00cvss epss 0.05

    Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2009-0799Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.

  • CVE-2009-0195Apr 23, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

Page 189 of 202