Vendor CVEs
Oracle Corporation
All CVEs
10,082 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-0166 | 0.00 | — | 0.02 | Apr 23, 2009 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory. | |||
| CVE-2009-0147 | 0.00 | — | 0.03 | Apr 23, 2009 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)… | |||
| CVE-2009-0146 | 0.00 | — | 0.03 | Apr 23, 2009 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2)… | |||
| CVE-2009-1017 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. | |||
| CVE-2009-1016 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was… | |||
| CVE-2009-1014 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1013. | |||
| CVE-2009-1013 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014. | |||
| CVE-2009-1012 | 0.00 | — | 0.04 | Apr 15, 2009 | Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and… | |||
| CVE-2009-1011 | 0.00 | — | 0.00 | Apr 15, 2009 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle… | |||
| CVE-2009-1010 | 0.00 | — | 0.00 | Apr 15, 2009 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. | |||
| CVE-2009-1009 | 0.00 | — | 0.00 | Apr 15, 2009 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML. | |||
| CVE-2009-1008 | 0.00 | — | 0.00 | Apr 15, 2009 | Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. | |||
| CVE-2009-1006 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-1005 | 0.00 | — | 0.00 | Apr 15, 2009 | Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-1004 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2009-1003 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages." | |||
| CVE-2009-1002 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. | |||
| CVE-2009-1001 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. | |||
| CVE-2009-1000 | 0.00 | — | 0.02 | Apr 15, 2009 | The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. | |||
| CVE-2009-0999 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-0998 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2009-0997 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL. | |||
| CVE-2009-0996 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors. | |||
| CVE-2009-0995 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors. | |||
| CVE-2009-0994 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. | |||
| CVE-2009-0992 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU.… | |||
| CVE-2009-0990 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. | |||
| CVE-2009-0989 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990. | |||
| CVE-2009-0988 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. | |||
| CVE-2009-0986 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-0985 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMP_FULL_DATABASE role to affect confidentiality, integrity, and availability. | |||
| CVE-2009-0984 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL. | |||
| CVE-2009-0983 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407. | |||
| CVE-2009-0982 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote authenticated users to affect integrity via unknown vectors. | |||
| CVE-2009-0980 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 allows remote authenticated users to affect integrity and availability, related to AGGXQIMP. | |||
| CVE-2009-0979 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-0977 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April… | |||
| CVE-2009-0976 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to LTADM. | |||
| CVE-2009-0975 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0978. | |||
| CVE-2009-0974 | 0.00 | — | 0.03 | Apr 15, 2009 | Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0983 and CVE-2009-3407. | |||
| CVE-2009-0973 | 0.00 | — | 0.02 | Apr 15, 2009 | Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors. | |||
| CVE-2009-0972 | 0.00 | — | 0.01 | Apr 15, 2009 | Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||
| CVE-2009-1144 | 0.00 | — | 0.00 | Apr 9, 2009 | Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library. | |||
| CVE-2009-1107 | 0.00 | — | 0.03 | Mar 25, 2009 | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog,… | |||
| CVE-2009-1106 | 0.00 | — | 0.04 | Mar 25, 2009 | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors,… | |||
| CVE-2009-1105 | 0.00 | — | 0.04 | Mar 25, 2009 | The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR… | |||
| CVE-2009-1102 | 0.00 | — | 0.05 | Mar 25, 2009 | Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation." | |||
| CVE-2009-0581 | 0.00 | — | 0.03 | Mar 23, 2009 | Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. | |||
| CVE-2008-5463 | 0.00 | — | 0.01 | Jan 14, 2009 | Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2008-5462 | 0.00 | — | 0.01 | Jan 14, 2009 | Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
- CVE-2009-0166Apr 23, 2009risk 0.00cvss —epss 0.02
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
- CVE-2009-0147Apr 23, 2009risk 0.00cvss —epss 0.03
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)…
- CVE-2009-0146Apr 23, 2009risk 0.00cvss —epss 0.03
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2)…
- CVE-2009-1017Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994.
- CVE-2009-1016Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was…
- CVE-2009-1014Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1013.
- CVE-2009-1013Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014.
- CVE-2009-1012Apr 15, 2009risk 0.00cvss —epss 0.04
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and…
- CVE-2009-1011Apr 15, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle…
- CVE-2009-1010Apr 15, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008.
- CVE-2009-1009Apr 15, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
- CVE-2009-1008Apr 15, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
- CVE-2009-1006Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-1005Apr 15, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-1004Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.
- CVE-2009-1003Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages."
- CVE-2009-1002Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors.
- CVE-2009-1001Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors.
- CVE-2009-1000Apr 15, 2009risk 0.00cvss —epss 0.02
The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors.
- CVE-2009-0999Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-0998Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
- CVE-2009-0997Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL.
- CVE-2009-0996Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors.
- CVE-2009-0995Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors.
- CVE-2009-0994Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017.
- CVE-2009-0992Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU.…
- CVE-2009-0990Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989.
- CVE-2009-0989Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990.
- CVE-2009-0988Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.
- CVE-2009-0986Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-0985Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMP_FULL_DATABASE role to affect confidentiality, integrity, and availability.
- CVE-2009-0984Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL.
- CVE-2009-0983Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407.
- CVE-2009-0982Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote authenticated users to affect integrity via unknown vectors.
- CVE-2009-0980Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 allows remote authenticated users to affect integrity and availability, related to AGGXQIMP.
- CVE-2009-0979Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-0977Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April…
- CVE-2009-0976Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to LTADM.
- CVE-2009-0975Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0978.
- CVE-2009-0974Apr 15, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0983 and CVE-2009-3407.
- CVE-2009-0973Apr 15, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors.
- CVE-2009-0972Apr 15, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
- CVE-2009-1144Apr 9, 2009risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in the Gentoo package of Xpdf before 3.02-r2 allows local users to gain privileges via a Trojan horse xpdfrc file in the current working directory, related to an unset SYSTEM_XPDFRC macro in a Gentoo build process that uses the poppler library.
- CVE-2009-1107Mar 25, 2009risk 0.00cvss —epss 0.03
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog,…
- CVE-2009-1106Mar 25, 2009risk 0.00cvss —epss 0.04
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors,…
- CVE-2009-1105Mar 25, 2009risk 0.00cvss —epss 0.04
The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR…
- CVE-2009-1102Mar 25, 2009risk 0.00cvss —epss 0.05
Unspecified vulnerability in the Virtual Machine in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."
- CVE-2009-0581Mar 23, 2009risk 0.00cvss —epss 0.03
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
- CVE-2008-5463Jan 14, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
- CVE-2008-5462Jan 14, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Page 190 of 202