CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle » Fusion Middleware : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-0470 2016-01-20 2016-02-08
5.5
None Remote Low Single system Partial Partial None
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Publisher Security.
2 CVE-2016-0464 2016-01-20 2016-02-04
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.
3 CVE-2016-0453 2016-01-20 2016-06-08
1.8
None Local Network High Not required Partial None None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.
4 CVE-2016-0441 2016-01-20 2016-06-08
6.8
None Remote High Single system Complete Complete Partial
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Embedded Server.
5 CVE-2016-0439 2016-01-20 2016-02-04
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430.
6 CVE-2016-0433 2016-01-20 2016-01-31
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support.
7 CVE-2016-0432 2016-01-20 2016-01-31
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.
8 CVE-2016-0430 2016-01-20 2016-01-31
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439.
9 CVE-2016-0429 2016-01-20 2016-01-31
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401.
10 CVE-2016-0413 2016-01-20 2016-01-31
4.0
None Remote Low Single system None Partial None
Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support.
11 CVE-2016-0404 2016-01-20 2016-01-31
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.
12 CVE-2016-0401 2016-01-20 2016-01-31
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429.
13 CVE-2015-4914 2015-10-21 2016-04-11
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Listener.
14 CVE-2015-4912 2015-10-21 2016-04-07
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine.
15 CVE-2015-4909 2015-10-21 2016-04-11
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect integrity via vectors related to ADF Faces.
16 CVE-2015-4899 2015-10-21 2016-04-11
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to Security.
17 CVE-2015-4880 2015-10-21 2016-05-26
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4867.
18 CVE-2015-4878 2015-10-21 2016-05-26
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4877.
19 CVE-2015-4877 2015-10-21 2016-05-26
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878.
20 CVE-2015-4867 2015-10-21 2016-05-19
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4880.
21 CVE-2015-4838 2015-10-21 2016-05-26
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote authenticated users to affect confidentiality via vectors related to ADF Faces.
22 CVE-2015-4832 2015-10-21 2016-06-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.2, and 11.1.2.3 allows remote attackers to affect integrity via vectors related to OIM Legacy UI.
23 CVE-2015-4812 2015-10-21 2016-05-26
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to OSSL Module.
24 CVE-2015-4811 2015-10-21 2016-05-26
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDKutside In PDF Export SDK, a different vulnerability than CVE-2015-4809.
25 CVE-2015-4809 2015-10-21 2016-05-26
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In PDF Export SDK, a different vulnerability than CVE-2015-4811.
26 CVE-2015-4808 2016-01-20 2016-01-31
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432.
27 CVE-2015-4799 2015-10-21 2016-06-01
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security.
28 CVE-2015-4759 2015-07-16 2015-07-20
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, and CVE-2015-4758.
29 CVE-2015-4758 2015-07-16 2015-07-20
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-2636, and CVE-2015-4759.
30 CVE-2015-4751 2015-07-16 2015-07-20
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect availability via unknown vectors related to Authentication Engine.
31 CVE-2015-4747 2015-07-16 2015-07-20
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CEP system.
32 CVE-2015-4745 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-2606.
33 CVE-2015-4744 2015-07-16 2015-07-21
2.6
None Remote High Not required None Partial None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via unknown vectors related to Java Server Faces.
34 CVE-2015-4742 2015-07-16 2015-07-20
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect availability via vectors related to ADF Faces.
35 CVE-2015-2658 2015-07-16 2015-07-20
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Support.
36 CVE-2015-2636 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2635, CVE-2015-4758, and CVE-2015-4759.
37 CVE-2015-2635 2015-07-16 2015-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2634, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
38 CVE-2015-2634 2015-07-16 2015-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality based on Trillium, a different vulnerability than CVE-2015-0443, CVE-2015-0444, CVE-2015-0445, CVE-2015-0446, CVE-2015-2635, CVE-2015-2636, CVE-2015-4758, and CVE-2015-4759.
39 CVE-2015-2623 2015-07-16 2015-07-16
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related to Java Server Faces.
40 CVE-2015-2606 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745.
41 CVE-2015-2605 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2606, and CVE-2015-4745.
42 CVE-2015-2604 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745.
43 CVE-2015-2603 2015-07-16 2015-07-16
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745.
44 CVE-2015-2602 2015-07-16 2016-03-30
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745.
45 CVE-2015-2598 2015-07-16 2015-07-16
3.5
None Remote Medium Single system None Partial None
Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad.
46 CVE-2015-2593 2015-07-16 2015-07-16
7.1
None Local Network Low Single system Complete Complete None
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Configuration Service.
47 CVE-2015-1926 2015-07-16 2015-07-16
5.5
None Remote Low Single system Partial Partial None
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.
48 CVE-2015-1829 2015-10-21 2016-05-26
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener.
49 CVE-2015-0493 2015-04-16 2015-04-17
1.5
None Local Medium Single system None None Partial
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474.
50 CVE-2015-0482 2015-04-16 2015-04-17
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2.0 and 12.1.3.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
Total number of vulnerabilities : 297   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.