# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
56651 |
CVE-2013-5896 |
|
|
|
2014-01-15 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list. |
56652 |
CVE-2013-5895 |
|
|
|
2014-01-15 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. |
56653 |
CVE-2013-5894 |
|
|
|
2014-01-15 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. |
56654 |
CVE-2013-5893 |
|
|
|
2014-01-15 |
2016-09-26 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox. |
56655 |
CVE-2013-5891 |
|
|
|
2014-01-15 |
2017-01-06 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. |
56656 |
CVE-2013-5890 |
|
|
|
2014-01-15 |
2016-11-17 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception Reporting. |
56657 |
CVE-2013-5889 |
|
|
|
2014-01-15 |
2018-01-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424. |
56658 |
CVE-2013-5888 |
|
|
|
2014-01-15 |
2018-01-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
56659 |
CVE-2013-5887 |
|
|
|
2014-01-15 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment. |
56660 |
CVE-2013-5886 |
|
|
|
2014-01-15 |
2014-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote attackers to affect integrity via unknown vectors related to Common Application Objects. |
56661 |
CVE-2013-5884 |
|
|
|
2014-01-15 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories. |
56662 |
CVE-2013-5882 |
|
|
|
2014-01-15 |
2017-08-28 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures. |
56663 |
CVE-2013-5881 |
|
|
|
2014-01-15 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2014-0431. |
56664 |
CVE-2013-5880 |
|
|
|
2014-01-15 |
2014-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to DM Others. |
56665 |
CVE-2013-5879 |
|
|
|
2014-01-15 |
2014-09-04 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. |
56666 |
CVE-2013-5878 |
|
|
|
2014-01-15 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox. |
56667 |
CVE-2013-5877 |
|
|
|
2014-01-15 |
2014-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote attackers to affect confidentiality via unknown vectors related to DM Others. |
56668 |
CVE-2013-5876 |
|
|
|
2014-01-15 |
2017-08-28 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2014-0447. |
56669 |
CVE-2013-5873 |
|
|
|
2014-01-15 |
2014-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Integration Broker. |
56670 |
CVE-2013-5870 |
|
|
|
2014-01-15 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. |
56671 |
CVE-2013-5869 |
|
|
|
2014-01-15 |
2014-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Page Service. |
56672 |
CVE-2013-5867 |
|
|
|
2013-10-16 |
2013-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via vectors related to SISNAPI & Network Infrastructure. |
56673 |
CVE-2013-5866 |
|
|
|
2013-10-16 |
2017-08-28 |
5.2 |
None |
Local |
High |
Not required |
Partial |
Partial |
Complete |
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel. |
56674 |
CVE-2013-5864 |
|
|
|
2013-10-16 |
2017-09-18 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver. |
56675 |
CVE-2013-5863 |
|
|
|
2013-10-16 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect integrity via vectors related to IPS repository daemon. |
56676 |
CVE-2013-5862 |
|
|
|
2013-10-16 |
2017-09-18 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than CVE-2014-4215. |
56677 |
CVE-2013-5861 |
|
|
|
2013-10-16 |
2013-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect availability via vectors related to Kernel/KSSL. |
56678 |
CVE-2013-5860 |
|
|
|
2014-01-15 |
2017-08-28 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. |
56679 |
CVE-2013-5859 |
|
|
|
2013-10-16 |
2013-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the Instantis EnterpriseTrack component in Oracle Primavera Products Suite 8.0.6 and 8.5 allows remote attackers to affect confidentiality via unknown vectors. |
56680 |
CVE-2013-5858 |
|
|
|
2014-01-15 |
2016-11-18 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2015-0370. |
56681 |
CVE-2013-5855 |
79 |
|
XSS |
2014-07-17 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Oracle Mojarra 2.2.x before 2.2.6 and 2.1.x before 2.1.28 does not perform appropriate encoding when a (1) <h:outputText> tag or (2) EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors. |
56682 |
CVE-2013-5853 |
|
|
|
2014-01-15 |
2014-03-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect availability via unknown vectors. |
56683 |
CVE-2013-5852 |
|
|
|
2013-10-16 |
2018-01-04 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5832. |
56684 |
CVE-2013-5851 |
|
|
|
2013-10-16 |
2017-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. |
56685 |
CVE-2013-5850 |
|
|
|
2013-10-16 |
2018-01-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842. |
56686 |
CVE-2013-5849 |
|
|
|
2013-10-16 |
2018-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT. |
56687 |
CVE-2013-5848 |
|
|
|
2013-10-16 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. |
56688 |
CVE-2013-5847 |
|
|
|
2013-10-16 |
2013-10-30 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensation component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to eCompensation. |
56689 |
CVE-2013-5846 |
|
|
|
2013-10-16 |
2017-09-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. |
56690 |
CVE-2013-5845 |
|
|
|
2013-10-16 |
2013-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. |
56691 |
CVE-2013-5844 |
|
|
|
2013-10-16 |
2017-09-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. |
56692 |
CVE-2013-5843 |
|
|
|
2013-10-16 |
2018-01-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
56693 |
CVE-2013-5842 |
|
|
|
2013-10-16 |
2018-01-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850. |
56694 |
CVE-2013-5841 |
|
|
|
2013-10-16 |
2016-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5794. |
56695 |
CVE-2013-5840 |
|
|
|
2013-10-16 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. |
56696 |
CVE-2013-5839 |
|
|
|
2013-10-16 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Oracle Java Web Console. |
56697 |
CVE-2013-5838 |
|
|
|
2013-10-16 |
2017-09-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
56698 |
CVE-2013-5836 |
|
|
|
2013-10-16 |
2013-10-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Business Interlink. |
56699 |
CVE-2013-5835 |
|
|
|
2013-10-16 |
2013-10-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Open_UI. |
56700 |
CVE-2013-5834 |
|
|
|
2014-01-15 |
2017-08-28 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ps. |