Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-1517

Summary
Assigner-debian
Assigner Org ID-79363d38-fa19-49d1-9214-5f28da3f3ac5
Published At-05 May, 2006 | 10:00
Updated At-07 Aug, 2024 | 17:12
Rejected At-
Credits

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:debian
Assigner Org ID:79363d38-fa19-49d1-9214-5f28da3f3ac5
Published At:05 May, 2006 | 10:00
Updated At:07 Aug, 2024 | 17:12
Rejected At:
▼CVE Numbering Authority (CNA)

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/432734/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.trustix.org/errata/2006/0028
vendor-advisory
x_refsource_TRUSTIX
http://secunia.com/advisories/19929
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20073
third-party-advisory
x_refsource_SECUNIA
http://www.wisec.it/vulns.php?page=8
x_refsource_MISC
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
third-party-advisory
x_refsource_CERT
http://www.debian.org/security/2006/dsa-1079
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/1633
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/archive/1/434164/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/20424
third-party-advisory
x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
vendor-advisory
x_refsource_GENTOO
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
vendor-advisory
x_refsource_APPLE
http://docs.info.apple.com/article.html?artnum=305214
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
vdb-entry
signature
x_refsource_OVAL
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
vendor-advisory
x_refsource_SUSE
http://securityreason.com/securityalert/839
third-party-advisory
x_refsource_SREASON
http://www.osvdb.org/25228
vdb-entry
x_refsource_OSVDB
http://www.novell.com/linux/security/advisories/2006-06-02.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/17780
vdb-entry
x_refsource_BID
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
vendor-advisory
x_refsource_MANDRIVA
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
x_refsource_CONFIRM
http://secunia.com/advisories/20241
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20762
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
vendor-advisory
x_refsource_SUNALERT
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
vendor-advisory
x_refsource_SLACKWARE
http://secunia.com/advisories/20333
third-party-advisory
x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
x_refsource_CONFIRM
http://secunia.com/advisories/20002
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20223
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20076
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1016016
vdb-entry
x_refsource_SECTRACK
http://www.debian.org/security/2006/dsa-1071
vendor-advisory
x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2008/1326/references
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/0930
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/20253
third-party-advisory
x_refsource_SECUNIA
https://usn.ubuntu.com/283-1/
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/20457
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1073
vendor-advisory
x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
vdb-entry
x_refsource_XF
http://secunia.com/advisories/29847
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/20625
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0544.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/24479
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/432734/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.trustix.org/errata/2006/0028
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://secunia.com/advisories/19929
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20073
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.wisec.it/vulns.php?page=8
Resource:
x_refsource_MISC
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.debian.org/security/2006/dsa-1079
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2006/1633
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/archive/1/434164/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/20424
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://securityreason.com/securityalert/839
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://www.osvdb.org/25228
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.novell.com/linux/security/advisories/2006-06-02.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/17780
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/20241
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20762
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://secunia.com/advisories/20333
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/20002
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20223
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20076
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1016016
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.debian.org/security/2006/dsa-1071
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.vupen.com/english/advisories/2008/1326/references
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/20253
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://usn.ubuntu.com/283-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/20457
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2006/dsa-1073
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/29847
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/20625
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0544.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/24479
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/432734/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.trustix.org/errata/2006/0028
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://secunia.com/advisories/19929
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20073
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.wisec.it/vulns.php?page=8
x_refsource_MISC
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.debian.org/security/2006/dsa-1079
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2006/1633
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/archive/1/434164/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/20424
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://docs.info.apple.com/article.html?artnum=305214
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://securityreason.com/securityalert/839
third-party-advisory
x_refsource_SREASON
x_transferred
http://www.osvdb.org/25228
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.novell.com/linux/security/advisories/2006-06-02.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/17780
vdb-entry
x_refsource_BID
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/20241
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20762
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://secunia.com/advisories/20333
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/20002
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20223
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20076
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1016016
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.debian.org/security/2006/dsa-1071
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.vupen.com/english/advisories/2008/1326/references
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2007/0930
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/20253
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://usn.ubuntu.com/283-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/20457
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2006/dsa-1073
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/29847
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/20625
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0544.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/24479
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/432734/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.trustix.org/errata/2006/0028
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://secunia.com/advisories/19929
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20073
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.wisec.it/vulns.php?page=8
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1079
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/1633
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/434164/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/20424
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://securityreason.com/securityalert/839
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://www.osvdb.org/25228
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006-06-02.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/17780
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/20241
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20762
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://secunia.com/advisories/20333
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/20002
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20223
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20076
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1016016
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1071
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/1326/references
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/20253
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://usn.ubuntu.com/283-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/20457
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1073
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/29847
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/20625
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0544.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/24479
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@debian.org
Published At:05 May, 2006 | 12:46
Updated At:03 Apr, 2025 | 01:03

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
mysql
mysql
>>mysql>>4.1.0
cpe:2.3:a:mysql:mysql:4.1.0:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.3
cpe:2.3:a:mysql:mysql:4.1.3:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.8
cpe:2.3:a:mysql:mysql:4.1.8:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.10
cpe:2.3:a:mysql:mysql:4.1.10:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.12
cpe:2.3:a:mysql:mysql:4.1.12:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.13
cpe:2.3:a:mysql:mysql:4.1.13:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.14
cpe:2.3:a:mysql:mysql:4.1.14:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>4.1.15
cpe:2.3:a:mysql:mysql:4.1.15:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.1
cpe:2.3:a:mysql:mysql:5.0.1:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.2
cpe:2.3:a:mysql:mysql:5.0.2:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.3
cpe:2.3:a:mysql:mysql:5.0.3:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.4
cpe:2.3:a:mysql:mysql:5.0.4:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.5
cpe:2.3:a:mysql:mysql:5.0.5:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.10
cpe:2.3:a:mysql:mysql:5.0.10:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.15
cpe:2.3:a:mysql:mysql:5.0.15:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.16
cpe:2.3:a:mysql:mysql:5.0.16:*:*:*:*:*:*:*
mysql
mysql
>>mysql>>5.0.17
cpe:2.3:a:mysql:mysql:5.0.17:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.0
cpe:2.3:a:oracle:mysql:4.0.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.1
cpe:2.3:a:oracle:mysql:4.0.1:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.2
cpe:2.3:a:oracle:mysql:4.0.2:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.3
cpe:2.3:a:oracle:mysql:4.0.3:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.4
cpe:2.3:a:oracle:mysql:4.0.4:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.5
cpe:2.3:a:oracle:mysql:4.0.5:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.5a
cpe:2.3:a:oracle:mysql:4.0.5a:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.6
cpe:2.3:a:oracle:mysql:4.0.6:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.7
cpe:2.3:a:oracle:mysql:4.0.7:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.7
cpe:2.3:a:oracle:mysql:4.0.7:gamma:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.8
cpe:2.3:a:oracle:mysql:4.0.8:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.8
cpe:2.3:a:oracle:mysql:4.0.8:gamma:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.9
cpe:2.3:a:oracle:mysql:4.0.9:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.9
cpe:2.3:a:oracle:mysql:4.0.9:gamma:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.10
cpe:2.3:a:oracle:mysql:4.0.10:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.11
cpe:2.3:a:oracle:mysql:4.0.11:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.11
cpe:2.3:a:oracle:mysql:4.0.11:gamma:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.12
cpe:2.3:a:oracle:mysql:4.0.12:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.13
cpe:2.3:a:oracle:mysql:4.0.13:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.14
cpe:2.3:a:oracle:mysql:4.0.14:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.15
cpe:2.3:a:oracle:mysql:4.0.15:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.16
cpe:2.3:a:oracle:mysql:4.0.16:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.17
cpe:2.3:a:oracle:mysql:4.0.17:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.18
cpe:2.3:a:oracle:mysql:4.0.18:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.19
cpe:2.3:a:oracle:mysql:4.0.19:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.20
cpe:2.3:a:oracle:mysql:4.0.20:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.21
cpe:2.3:a:oracle:mysql:4.0.21:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.23
cpe:2.3:a:oracle:mysql:4.0.23:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.24
cpe:2.3:a:oracle:mysql:4.0.24:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.25
cpe:2.3:a:oracle:mysql:4.0.25:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.0.26
cpe:2.3:a:oracle:mysql:4.0.26:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.1.0
cpe:2.3:a:oracle:mysql:4.1.0:alpha:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>4.1.2
cpe:2.3:a:oracle:mysql:4.1.2:alpha:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939security@debian.org
Patch
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.htmlsecurity@debian.org
Patch
http://docs.info.apple.com/article.html?artnum=305214security@debian.org
N/A
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlsecurity@debian.org
N/A
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.htmlsecurity@debian.org
N/A
http://secunia.com/advisories/19929security@debian.org
Patch
Vendor Advisory
http://secunia.com/advisories/20002security@debian.org
N/A
http://secunia.com/advisories/20073security@debian.org
N/A
http://secunia.com/advisories/20076security@debian.org
N/A
http://secunia.com/advisories/20223security@debian.org
N/A
http://secunia.com/advisories/20241security@debian.org
N/A
http://secunia.com/advisories/20253security@debian.org
N/A
http://secunia.com/advisories/20333security@debian.org
N/A
http://secunia.com/advisories/20424security@debian.org
N/A
http://secunia.com/advisories/20457security@debian.org
N/A
http://secunia.com/advisories/20625security@debian.org
N/A
http://secunia.com/advisories/20762security@debian.org
N/A
http://secunia.com/advisories/24479security@debian.org
N/A
http://secunia.com/advisories/29847security@debian.org
N/A
http://securityreason.com/securityalert/839security@debian.org
N/A
http://securitytracker.com/id?1016016security@debian.org
Patch
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377security@debian.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1security@debian.org
N/A
http://www.debian.org/security/2006/dsa-1071security@debian.org
N/A
http://www.debian.org/security/2006/dsa-1073security@debian.org
N/A
http://www.debian.org/security/2006/dsa-1079security@debian.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xmlsecurity@debian.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084security@debian.org
N/A
http://www.novell.com/linux/security/advisories/2006-06-02.htmlsecurity@debian.org
N/A
http://www.osvdb.org/25228security@debian.org
N/A
http://www.redhat.com/support/errata/RHSA-2006-0544.htmlsecurity@debian.org
N/A
http://www.securityfocus.com/archive/1/432734/100/0/threadedsecurity@debian.org
N/A
http://www.securityfocus.com/archive/1/434164/100/0/threadedsecurity@debian.org
N/A
http://www.securityfocus.com/bid/17780security@debian.org
N/A
http://www.trustix.org/errata/2006/0028security@debian.org
N/A
http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlsecurity@debian.org
US Government Resource
http://www.vupen.com/english/advisories/2006/1633security@debian.org
N/A
http://www.vupen.com/english/advisories/2007/0930security@debian.org
N/A
http://www.vupen.com/english/advisories/2008/1326/referencessecurity@debian.org
N/A
http://www.wisec.it/vulns.php?page=8security@debian.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/26228security@debian.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036security@debian.org
N/A
https://usn.ubuntu.com/283-1/security@debian.org
N/A
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939af854a3a-2127-422b-91ae-364da2661108
Patch
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://docs.info.apple.com/article.html?artnum=305214af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/19929af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/20002af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20073af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20076af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20223af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20241af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20253af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20333af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20424af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20457af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20625af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/20762af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/24479af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/29847af854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/839af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016016af854a3a-2127-422b-91ae-364da2661108
Patch
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2006/dsa-1071af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2006/dsa-1073af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2006/dsa-1079af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-200605-13.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:084af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006-06-02.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/25228af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0544.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/432734/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/434164/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/17780af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.trustix.org/errata/2006/0028af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2006/1633af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2007/0930af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2008/1326/referencesaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.wisec.it/vulns.php?page=8af854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/26228af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036af854a3a-2127-422b-91ae-364da2661108
N/A
https://usn.ubuntu.com/283-1/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
Source: security@debian.org
Resource:
Patch
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Source: security@debian.org
Resource:
Patch
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Source: security@debian.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Source: security@debian.org
Resource: N/A
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/19929
Source: security@debian.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/20002
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20073
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20076
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20223
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20241
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20253
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20333
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20424
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20457
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20625
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/20762
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/24479
Source: security@debian.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29847
Source: security@debian.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/839
Source: security@debian.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016016
Source: security@debian.org
Resource:
Patch
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
Source: security@debian.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1071
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1073
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1079
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006-06-02.html
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.osvdb.org/25228
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0544.html
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/432734/100/0/threaded
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/434164/100/0/threaded
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/17780
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.trustix.org/errata/2006/0028
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Source: security@debian.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/1633
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/1326/references
Source: security@debian.org
Resource: N/A
Hyperlink: http://www.wisec.it/vulns.php?page=8
Source: security@debian.org
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
Source: security@debian.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
Source: security@debian.org
Resource: N/A
Hyperlink: https://usn.ubuntu.com/283-1/
Source: security@debian.org
Resource: N/A
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://docs.info.apple.com/article.html?artnum=305214
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/19929
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/20002
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20073
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20076
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20223
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20253
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20333
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20424
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20457
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20625
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/20762
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/24479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/29847
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/839
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016016
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.599377
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1071
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1073
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1079
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200605-13.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006-06-02.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/25228
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0544.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/432734/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/434164/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/17780
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.trustix.org/errata/2006/0028
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-072A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/1633
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/0930
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2008/1326/references
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.wisec.it/vulns.php?page=8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/26228
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11036
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://usn.ubuntu.com/283-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

465Records found
CVE-2017-10244
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.56% / 67.42%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-application_object_libraryApplication Object Library
CVE-2017-10280
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.73% / 71.78%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Test Framework). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_peopletoolsPeopleSoft Enterprise PT PeopleTools
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10093
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 60.83%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-08 May, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-agile_product_lifecycle_managementAgile PLM Framework
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10176
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-1.47% / 80.15%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Debian GNU/LinuxOracle CorporationNetApp, Inc.Phoenix Contact GmbH & Co. KG
Product-oncommand_unified_manageroncommand_balanceplug-in_for_symantec_netbackupjdkactive_iq_unified_managersteelstore_cloud_integrated_storagedebian_linuxcloud_backuponcommand_insightvasa_provider_for_clustered_data_ontapfl_mguard_dmoncommand_performance_managerjreelement_softwaresnapmanagervirtual_storage_consoleoncommand_shifte-series_santricity_storage_managerstorage_replication_adapter_for_clustered_data_ontapjrockite-series_santricity_os_controllerJava
CVE-2017-10115
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.57%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.Phoenix Contact GmbH & Co. KG
Product-enterprise_linux_desktoponcommand_unified_manageroncommand_balanceplug-in_for_symantec_netbackupenterprise_linux_server_tusenterprise_linux_eusenterprise_linux_workstationjdkactive_iq_unified_managersatellitesteelstore_cloud_integrated_storagedebian_linuxenterprise_linux_servercloud_backupenterprise_linux_server_ausoncommand_insightvasa_provider_for_clustered_data_ontapfl_mguard_dmoncommand_performance_managerjreelement_softwaresnapmanagervirtual_storage_consoleoncommand_shifte-series_santricity_storage_managerstorage_replication_adapter_for_clustered_data_ontapjrockite-series_santricity_os_controllerJava
CVE-2017-10310
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-2.01% / 82.98%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hyperion_financial_reportingHyperion Financial Reporting
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10328
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-1.74% / 81.75%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-application_object_libraryApplication Object Library
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10332
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-1.74% / 81.75%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-universal_work_queueUniversal Work Queue
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10287
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 42.61%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_scm_strategic_sourcingPeopleSoft Enterprise SCM Strategic Sourcing
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10037
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-2.12% / 83.44%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Service API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle BI Publisher accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-business_intelligence_publisherBI Publisher (formerly XML Publisher)
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10266
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 65.45%
||
7 Day CHG~0.00%
Published-14 Nov, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Tuxedo accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-tuxedoTuxedo
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10383
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 64.11%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Guest Access. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Guest Access accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_guest_accessHospitality Guest Access
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-1000029
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-72.67% / 98.72%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

Action-Not Available
Vendor-n/aOracle Corporation
Product-glassfish_servern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10319
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 65.45%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Leisure). Supported versions that are affected are 8.10.1 and 8.10.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Suite8 accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_suite8Hospitality Suite8
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10331
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 60.83%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-application_object_libraryApplication Object Library
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10335
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-1.74% / 81.75%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Elastic Search). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_peopletoolsPeopleSoft Enterprise PT PeopleTools
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-1000028
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-93.87% / 99.86%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.

Action-Not Available
Vendor-n/aOracle Corporation
Product-glassfish_servern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2017-10324
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.42% / 60.83%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Technology Stack. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Technology Stack accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-e-business_suite_technology_stackE-Business Suite Technology Stack
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10259
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-2.12% / 83.44%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-n/aOracle Corporation
Product-coreid_accessn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10136
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-1.28% / 78.80%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Simphony accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-hospitality_simphonyHospitality Simphony
CVE-2017-10192
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.56% / 67.42%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-istoreiStore
CVE-2017-10267
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.95% / 75.42%
||
7 Day CHG~0.00%
Published-14 Nov, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-tuxedoTuxedo
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10373
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.40%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Health Center). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-peoplesoft_enterprise_peopletoolsPeopleSoft Enterprise PT PeopleTools
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-10300
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.51% / 65.45%
||
7 Day CHG~0.00%
Published-19 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Siebel Business Service Issues). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel CRM Desktop. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel CRM Desktop accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Action-Not Available
Vendor-Oracle Corporation
Product-siebel_customer_relationship_management_desktopSiebel CRM Desktop
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-1000030
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.58% / 87.29%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface.

Action-Not Available
Vendor-n/aOracle Corporation
Product-glassfish_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2014-1484
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-0.63% / 69.42%
||
7 Day CHG~0.00%
Published-06 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSEGoogle LLCOracle Corporation
Product-solarisfirefoxopensuselinux_enterprise_desktoplinux_enterprise_serverlinux_enterprise_software_development_kitandroidn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-8977
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 40.75%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.

Action-Not Available
Vendor-Linux Kernel Organization, IncOracle CorporationHP Inc.IBM CorporationMicrosoft Corporation
Product-bigfix_inventorylicense_metric_toolaixsolarishp-uxlinux_kernelwindowsBigFix Inventory
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2006-3706
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.04% / 83.12%
||
7 Day CHG~0.00%
Published-19 Jul, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 has unknown impact and attack vectors, aka Oracle Vuln# AS01.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_servern/a
CVE-2016-8307
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5.3||MEDIUM
EPSS-0.72% / 71.49%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).

Action-Not Available
Vendor-Oracle Corporation
Product-flexcube_universal_bankingFLEXCUBE Universal Banking
CWE ID-CWE-284
Improper Access Control
CVE-2006-3714
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.28% / 84.03%
||
7 Day CHG~0.00%
Published-19 Jul, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in OC4J for Oracle Application Server 10.1.2.0.2 and 10.1.2.1 has unknown impact and attack vectors, aka Oracle Vuln# AS10.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_servern/a
CVE-2014-1483
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5||MEDIUM
EPSS-0.28% / 50.72%
||
7 Day CHG~0.00%
Published-06 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSEOracle CorporationCanonical Ltd.
Product-solarisfirefoxseamonkeyopensuseubuntu_linuxlinux_enterprise_desktopsuse_linux_enterprise_software_development_kitlinux_enterprise_servern/a
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2014-0391
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.75% / 72.25%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2014-0369
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.54% / 66.59%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a different vulnerability than CVE-2015-0366.

Action-Not Available
Vendor-n/aOracle Corporation
Product-siebel_crmn/a
CVE-2014-0368
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.28% / 84.04%
||
7 Day CHG+0.03%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2014-0450
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.29% / 52.39%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2014-0395
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.75% / 72.25%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Updates Environment Mgmt, a different vulnerability than CVE-2014-0394.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_productsn/a
CVE-2014-0449
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.69% / 70.87%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2013-0409
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-4.35% / 88.50%
||
7 Day CHG~0.00%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5895
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.41% / 84.48%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 01:33
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle CorporationHP Inc.
Product-enterprise_linux_workstation_supplementaryjavafxenterprise_linux_server_supplementaryenterprise_linux_server_supplementary_aushp-uxenterprise_linux_hpc_node_supplementaryjdkenterprise_linux_server_supplementary_eusjreenterprise_linux_desktop_supplementaryn/a
CVE-2013-5801
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.32% / 84.18%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2013-5794
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.32% / 54.49%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5841.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_productsn/a
CVE-2006-0425
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.53% / 66.04%
||
7 Day CHG~0.00%
Published-25 Jan, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment descriptor file via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-weblogic_portaln/a
CVE-2013-5841
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.32% / 54.49%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 17:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Portal, a different vulnerability than CVE-2013-5794.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_productsn/a
CVE-2013-5884
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-1.74% / 81.72%
||
7 Day CHG+0.02%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jrejdkn/a
CVE-2013-5880
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-78.61% / 99.00%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect confidentiality via unknown vectors related to DM Others.

Action-Not Available
Vendor-n/aOracle Corporation
Product-supply_chain_products_suiten/a
CVE-2013-5873
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.52% / 66.02%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect confidentiality via unknown vectors related to Integration Broker.

Action-Not Available
Vendor-n/aOracle Corporation
Product-peoplesoft_productsn/a
CVE-2013-5795
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-74.84% / 98.82%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2, and 12.2.3 allows remote attackers to affect confidentiality via unknown vectors related to DM Others.

Action-Not Available
Vendor-n/aOracle Corporation
Product-supply_chain_products_suitesupply_chain_products_suite_sql-servern/a
CVE-2013-5877
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-78.05% / 98.97%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote attackers to affect confidentiality via unknown vectors related to DM Others.

Action-Not Available
Vendor-n/aOracle Corporation
Product-supply_chain_products_suitesupply_chain_products_suite_sql-servern/a
CVE-2013-5869
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-0.56% / 67.35%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 00:30
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Page Service.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2013-5778
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-5||MEDIUM
EPSS-2.11% / 83.42%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • Next
Details not found