CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-5615 284 2016-10-25 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Lynx.
2 CVE-2016-5613 284 2016-10-25 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608.
3 CVE-2016-5611 200 +Info 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.
4 CVE-2016-5608 284 2016-10-25 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613.
5 CVE-2016-5561 2016-10-25 2016-11-28
2.6
None Remote High Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect availability via vectors related to IKE.
6 CVE-2016-5525 284 2016-10-25 2016-11-28
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.3 allows local users to affect integrity via vectors related to Cluster check files.
7 CVE-2016-5517 284 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 allows local users to affect confidentiality via vectors related to AD Utilities.
8 CVE-2016-5508 200 +Info 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 4.3 allows local users to affect confidentiality via vectors related to Cluster Geo.
9 CVE-2016-5505 200 +Info 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
10 CVE-2016-5499 264 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.
11 CVE-2016-5498 200 +Info 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.
12 CVE-2016-5490 2016-10-25 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local users to affect confidentiality via vectors related to INFRA.
13 CVE-2016-5471 2016-07-21 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5469.
14 CVE-2016-5469 2016-07-21 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471.
15 CVE-2016-5452 2016-07-21 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot.
16 CVE-2016-4955 362 DoS 2016-07-04 2016-11-28
2.6
None Remote High Not required None None Partial
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
17 CVE-2016-3712 DoS Overflow 2016-05-11 2016-11-30
2.1
None Local Low Not required None None Partial
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
18 CVE-2016-3597 2016-07-21 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core.
19 CVE-2016-3485 2016-07-21 2016-11-28
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
20 CVE-2016-3469 2016-07-21 2016-11-28
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors related to Services.
21 CVE-2016-3447 2016-04-21 2016-12-02
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to OAF Core.
22 CVE-2016-3419 2016-04-21 2016-12-02
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem.
23 CVE-2016-0695 2016-04-21 2016-12-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
24 CVE-2016-0688 2016-04-21 2016-12-02
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components.
25 CVE-2016-0671 2016-04-21 2016-12-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to OSSL Module.
26 CVE-2016-0667 2016-04-21 2016-12-02
2.8
None Remote Medium Multiple systems None None Partial
Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.
27 CVE-2016-0607 2016-01-20 2016-11-28
2.8
None Remote Medium Multiple systems None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.
28 CVE-2016-0605 2016-01-20 2016-11-28
2.1
None Remote High Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors.
29 CVE-2016-0592 2016-01-20 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core.
30 CVE-2016-0454 2016-01-20 2016-02-04
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager.
31 CVE-2016-0446 2016-01-20 2016-02-08
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality via unknown vectors related to Agent Next Gen.
32 CVE-2015-4926 2016-01-20 2016-02-04
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect integrity via vectors related to UIX.
33 CVE-2015-4922 2016-01-20 2016-02-04
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Boot.
34 CVE-2015-4920 2016-01-20 2016-02-04
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vectors related to NDMP Backup Service.
35 CVE-2015-4910 2015-10-21 2016-11-28
2.1
None Remote High Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
36 CVE-2015-4865 2015-10-21 2016-05-19
2.1
None Remote High Single system Partial None None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to Business Objects - BC4J.
37 CVE-2015-4836 2015-10-21 2016-11-28
2.8
None Remote Medium Multiple systems None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
38 CVE-2015-4824 2015-10-21 2016-05-26
2.1
None Remote High Single system Partial None None
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.
39 CVE-2015-4813 2015-10-21 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core.
40 CVE-2015-4812 2015-10-21 2016-05-26
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to OSSL Module.
41 CVE-2015-4801 2015-10-21 2016-06-01
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality via unknown vectors related to Solaris Kernel Zones.
42 CVE-2015-4753 2015-07-16 2015-07-20
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
43 CVE-2015-4744 2015-07-16 2015-07-21
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors related to Java Server Faces.
44 CVE-2015-3455 20 2015-05-18 2016-11-28
2.6
None Remote High Not required None Partial None
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate.
45 CVE-2015-2661 2015-07-16 2016-11-28
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.
46 CVE-2015-2627 2015-07-16 2016-12-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
47 CVE-2015-2625 2015-07-16 2016-12-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
48 CVE-2015-2618 2015-07-16 2015-07-16
2.1
None Remote High Single system None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Input validation.
49 CVE-2015-2585 2015-07-16 2015-07-16
2.1
None Remote High Single system None None Partial
Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.
50 CVE-2015-2579 2015-04-16 2016-12-02
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer.
Total number of vulnerabilities : 181   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.